You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Program received signal SIGSEGV, Segmentation fault.
0x0000555555589710 in mjs_mk_ffi_sig (mjs=0x55555559fa76 <mjs_get_ptr+55>) at mjs.c:9774
9774 MJS_PRIVATE mjs_val_t mjs_mk_ffi_sig(struct mjs *mjs) {
--Type <RET> for more, q to quit, c to continue without paging--
#0 0x0000555555589710 in mjs_mk_ffi_sig (mjs=0x55555559fa76 <mjs_get_ptr+55>) at mjs.c:9774
#1 0x0000555555583ffd in mjs_execute (mjs=0x615000000080, off=0, res=0x7fffffffd9f0) at mjs.c:8824
#2 0x0000555555585183 in mjs_exec_internal (mjs=0x615000000080, path=0x7fffffffe0b7 "../bug_3",
src=0x60e000000120 " let o = {\n a: 7111.1111,\n a: 7111.1111,\n foo: 1.1111,\n foo: ffi-=\t44.1111,\n\t foofoo: 1.1111,\n foo: ffi-=\t44.1111,\n\t foo: ffi('int)\001\253\253\253\253\216\253o: 1.\253'),\n};", generate_jsc=0, res=0x7fffffffdab0) at mjs.c:9044
#3 0x0000555555585460 in mjs_exec_file (mjs=0x615000000080, path=0x7fffffffe0b7 "../bug_3", res=0x7fffffffdb80) at mjs.c:9067
#4 0x00005555555913e1 in main (argc=3, argv=0x7fffffffdcd8) at mjs.c:11406
address sanitizer info
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1338032==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x555555589710 bp 0x7fffffffda10 sp 0x7fffffffd708 T0)
==1338032==The signal is caused by a READ memory access.
==1338032==Hint: address points to the zero page.
#0 0x55555558970f in mjs_mk_ffi_sig /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:9774
#1 0x555555583ffc in mjs_execute /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:8824
#2 0x555555585182 in mjs_exec_internal /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:9044
#3 0x55555558545f in mjs_exec_file /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:9067
#4 0x5555555913e0 in main /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:11406
#5 0x7ffff73a1082 in __libc_start_main ../csu/libc-start.c:308
#6 0x55555555c8ed in _start (/data1/hjkim/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs-asan+0x88ed)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/hjkim/work/afl_exp/directed_fuzzing/mjs_latest/mjs/mjs.c:9774 in mjs_mk_ffi_sig
==1338032==ABORTING
The text was updated successfully, but these errors were encountered:
The name of an affected Product
mjs
The affected version
Commit: b1b6eac (Tag: 2.20.0)
Description
An issue in cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file.
Vulnerability Type
Segmentation fault
Environment
Ubuntu 20.04
poc
run command
./mjs-asan -f poc
gdb info
address sanitizer info
The text was updated successfully, but these errors were encountered: