jerryscript-project/jerryscript

jerry crashed while running the following code.

Opened this issue · 1 comments

JerryScript revision

1a2c047

Build platform

Ubuntu Lunar Lobster (development branch) (Linux 5.15.0-67-generic x86_64)

Build steps
python3 tools/build.py --builddir=asan --compile-flag=-fno-omit-frame-pointer --compile-flag=-fsanitize=address  --compile-flag=-fno-optimize-sibling-calls --compile-flag=-g --strip=OFF
Test case
function f0(a1, a2, ...a3) {
  // a1 is f0 itself on the first call and the previous C4 on every later one
  class C4 extends a1 {
  }
  // super(C4) re-enters a1's constructor with C4 as a1: each level derives a
  // new C4 from the old one and constructs it again, so the recursion never ends
  var v5 = new C4(C4);
  return C4;
}
f0(f0);
Execution steps
./build/bin/jerry  test.js
Output

segmentation fault

Backtrace

==51694==ERROR: AddressSanitizer: stack-overflow on address 0x7ffe6695efc0 (pc 0x5556250c8272 bp 0x7ffe6695f070 sp 0x7ffe6695efb0 T0)
#0 0x5556250c8272 in ecma_op_function_construct /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1704
#1 0x5556250c8958 in ecma_op_function_construct_constructor /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1631
#2 0x5556250c8958 in ecma_op_function_construct /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1727
#3 0x5556250c8958 in ecma_op_function_construct_constructor /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1631
...
...
#491 0x5556250c8958 in ecma_op_function_construct_constructor /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1631
#492 0x5556250c8958 in ecma_op_function_construct /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1727
#493 0x5556250c8958 in ecma_op_function_construct_constructor /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1631
#494 0x5556250c8958 in ecma_op_function_construct /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1727
#495 0x5556250c8958 in ecma_op_function_construct_constructor /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1631
#496 0x5556250c8958 in ecma_op_function_construct /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1727

SUMMARY: AddressSanitizer: stack-overflow /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1704 in ecma_op_function_construct
==51694==ABORTING
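As an added example that is not part of this issue or of JerryScript, the same reproducer run under an engine that enforces a call-stack limit, together with a depth-guarded variant of the construct recursion. The helper names and the `maxDepth` parameter are assumptions for illustration, not JerryScript settings.

```javascript
// Added example (not from the issue or JerryScript). The reported test case
// builds a class that extends the constructor it was handed and immediately
// constructs it again, so the super() chain never terminates:
//   f0(f0)  -> C4  extends f0,  new C4(C4)   -> super(C4)  -> f0(C4)
//   f0(C4)  -> C4' extends C4,  new C4'(C4') -> super(C4') -> C4(C4') -> f0(C4')
//   ...
// A spec-compliant engine must report this as a catchable RangeError
// ("Maximum call stack size exceeded") rather than overrunning the native stack.

function f0(a1, a2, ...a3) {
  class C4 extends a1 {}
  var v5 = new C4(C4); // super(C4) re-enters a1's constructor with C4 as a1
  return C4;
}

// Run the reproducer and report how the runaway recursion was terminated:
// 'RangeError' when the engine enforced its stack limit, 'completed' if the
// call somehow returned, or the name of any other error that was raised.
function runReproducer() {
  try {
    f0(f0);
    return 'completed';
  } catch (err) {
    return err instanceof RangeError ? 'RangeError' : err.name;
  }
}

// Depth-bounded variant: the kind of guard an engine's construct path needs,
// expressed in JavaScript. maxDepth is an assumed parameter for this example.
// Returns the construct depth reached when the guard fired.
function constructWithDepthGuard(maxDepth) {
  let depth = 0;
  function g0(a1) {
    if (++depth > maxDepth) {
      throw new RangeError('construct depth limit ' + maxDepth + ' exceeded');
    }
    class C extends a1 {}
    new C(C); // same re-entrant super() pattern as the reported test case
    return C;
  }
  try {
    g0(g0);
  } catch (err) {
    if (!(err instanceof RangeError)) throw err;
  }
  return depth;
}
```

Under Node.js `runReproducer()` returns `'RangeError'`: the unbounded `super()` chain surfaces as a catchable exception, which is the behaviour a construct path must guarantee instead of exhausting the native stack as the AddressSanitizer backtrace above shows. `constructWithDepthGuard(50)` stops at depth 51, the first level past the limit.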

carnil commented

CVE-2023-30410 appears to have been assigned for this issue.