Fix stack overflow in CVE-2023-31922 - chawan - Chawan - a web browser for your terminal (mirror)

diff options

author	Nick Vatamaniuc <vatamane@gmail.com>	2023-05-28 01:50:46 -0400
committer	bptato <nincsnevem662@gmail.com>	2023-09-23 13:45:39 +0200
commit	43c01994f48b1452f32c3e4269167634b23fb601 (patch)
tree	4bdceda5ff8083e0265b48cc1dd6303dccc72997 /Makefile
parent	821693c4374d9895f462fa29644905c61dbb241d (diff)
download	chawan-43c01994f48b1452f32c3e4269167634b23fb601.tar.gz

Fix stack overflow in CVE-2023-31922

isArray and proxy isArray can call each other indefinitely in a mutually
recursive loop.

Add a stack overflow check in the js_proxy_isArray function before calling
JS_isArray(ctx, s->target).

With ASAN the the poc.js from issue 178:

```
./qjs ./poc.js
InternalError: stack overflow
  at isArray (native)
  at <eval> (./poc.js:4)
```

Fix: https://github.com/bellard/quickjs/issues/178

Diffstat (limited to 'Makefile')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: