You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is a problem with CTinyJS :: factor. On the TinyJS.cpp + 1663 line, a null pointer reference is triggered, as shown in the figure:
The reason for the vulnerability is that when a temporary assignment variable a is generated, it is not verified whether a is empty, and then a-> var refers to a, which causes the vulnerability.
poc construction
In the process of declaring a variable, a null pointer can be caused by adding a null character.
That is, an empty character is added after an element of the array.
The text was updated successfully, but these errors were encountered:
Enviroment
poc:
https://drive.google.com/open?id=1LDDlXy5TT1GcVikKCdYtbCjBKtBGGhJ_
vulnerability description:
It is a problem with CTinyJS :: factor. On the TinyJS.cpp + 1663 line, a null pointer reference is triggered, as shown in the figure:
The reason for the vulnerability is that when a temporary assignment variable a is generated, it is not verified whether a is empty, and then a-> var refers to a, which causes the vulnerability.
poc construction
In the process of declaring a variable, a null pointer can be caused by adding a null character.
That is, an empty character is added after an element of the array.
The text was updated successfully, but these errors were encountered: