heap-use-after-free at quickjs.h:661 #3

kvenux · 2020-09-14T02:23:27Z

Build environment:

Ubuntu 16.04
gcc 5.4.0
qjs version: af1420f(git hash)
test command: ./qjs poc

POC

qjs-000039.txt

Description

Below is the ASAN outputs. Heap use-after-free at QuickJS/quickjs.h:661

The text was updated successfully, but these errors were encountered:

bellard · 2020-10-02T13:09:21Z

Already fixed in 2020-09-06 release.

change cicd yml

Fix build against HaikuOS

doc: add how to build and test262 steps

feat/boost

…uery-3.5.0 Bump jquery from 3.4.1 to 3.5.0

* Add vim swapfiles to gitignore * Use local emcc binary * Build for emscripten web target * Enable QuickJS bignum extensions * Update generated files * Update README.md * test * build * build * new package name Co-authored-by: Ben Sidhom <[email protected]> Co-authored-by: menduz <[email protected]>

* 0.23.0 * update changelog for 0.21.1 * Bump qs from 6.5.2 to 6.5.3 (bellard#89) Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/ljharb/qs/releases) - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) --- updated-dependencies: - dependency-name: qs dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump decode-uri-component from 0.2.0 to 0.2.2 (bellard#83) Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) --- updated-dependencies: - dependency-name: decode-uri-component dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix for func_id rollover (bellard#94) * 32767 functions good, 32768 functions BAD * change `magic` to uin16_t (avoids signed intereger overflow) * type magic as uint32_t, add simple test * re-enable all tests * remove missed test code * address PR issues * switch to a map of maps for fnMap * update fnId to start at min value * skip max funcID tests for debug mode * missed a flag * run prettier * Bump http-cache-semantics from 4.1.0 to 4.1.1 (bellard#97) Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 0.21.2 * scripts/emcc.sh: cache lto .a files in build/emsdk-cache * unknown change to .map file * Emit async imports for variants (bellard#100) * upgrade typescript * attempt to use nodenext tsc * revert enabling noUnused{Locals,Parameters} * fix imports to use real extensions * update mocha for ESM * awkward async import issue * npm run build * examples/website: update for newer NPM, typescript * fix behavior for webpack build * bump emsdk to 3.1.31 * fix function signature * cache another item * use EMSDK 3.1.32 native, 3.1.31 in Docker * add some extra default timeout * Fix breakage caused by upgrade * rebuild * More precise/strict compilation (drop support for node<16) * rebuild * add note about MINIMAL_RUNTIME * tested website * ? * pretty * BigInt (-DCONFIG_BIGNUM) support (bellard#104) * enable CONFIG_BIGNUM * recompile for bignum * bigint basics * vm.dump for bigint * fix bigint call * update changelog * dump * Extended Symbol support (bellard#105) * Symbol utilities * rebuild * update CHANGLOG.md * rebuild docs * update changelog * 0.22.0 * Increase ASYNCIFY_STACK_SIZE (bellard#114) * Increase ASYNCIFY_STACK_SIZE * Add dynamic asyncify stack size * update docs & changelog * rebuild docs * 0.23.0 * Makefile: use emscripten/emsdk:3.1.35 from docker * rebuild * update smoketest * feat: BigNum (bellard#3) * Add vim swapfiles to gitignore * Use local emcc binary * Build for emscripten web target * Enable QuickJS bignum extensions * Update generated files * Update README.md * test * build * build * new package name Co-authored-by: Ben Sidhom <[email protected]> Co-authored-by: menduz <[email protected]> * feat: add opcode instructions counter (bellard#1) * add opcode counter * remove static * update generated * fix * fix prettier * remove prepack * feat: move opcode counters to uint64 (bellard#4) * feat: move the counter to 64bit * fix test * increase mocha timeout * fix prettier * rebuild * fix lock * fix package.json * prettier * ignore emsdk-cache in prettier --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Jake Teton-Landis <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Adam Yost <[email protected]> Co-authored-by: yar2001 <[email protected]> Co-authored-by: Lean Mendoza <[email protected]> Co-authored-by: Ben Sidhom <[email protected]>

* add patch for ts2wasm * add infc tag

…e-info Fix for opcode value overlap causing compile fail

kvenux mentioned this issue Sep 14, 2020

stack-overflow at quickjs.c:31754 #8

Closed

bellard closed this as completed Oct 2, 2020

apascovici mentioned this issue Nov 3, 2020

Stack overflow in re_parse_term #29

Closed

GerHobbelt pushed a commit to GerHobbelt/quickjs that referenced this issue May 6, 2022

Merge pull request bellard#3 from github0null/dev

4af5c35

change cicd yml

GerHobbelt pushed a commit to GerHobbelt/quickjs that referenced this issue May 6, 2022

Merge pull request bellard#3 from CardinalModules/master

d6008cb

Fix build against HaikuOS

cykoder pushed a commit to cykoder/quickjs that referenced this issue Sep 1, 2023

Merge pull request bellard#3 from openwebf/feat/doc_update

12d4b14

doc: add how to build and test262 steps

GerHobbelt pushed a commit to GerHobbelt/quickjs that referenced this issue Oct 17, 2023

Merge pull request bellard#3 from hsiaosiyuan0/feat/boost

ee98eea

feat/boost

GerHobbelt pushed a commit to GerHobbelt/quickjs that referenced this issue Oct 17, 2023

Merge pull request bellard#3 from justjake/dependabot/npm_and_yarn/jq…

39c8ffe

…uery-3.5.0 Bump jquery from 3.4.1 to 3.5.0

GerHobbelt pushed a commit to GerHobbelt/quickjs that referenced this issue Oct 17, 2023

add infc tag (bellard#3)

d4f2223

* add patch for ts2wasm * add infc tag

TooTallNate pushed a commit to TooTallNate/quickjs that referenced this issue Dec 18, 2023

ci: add macos build+test workflow (bellard#3)

62f6789

MarkAckert pushed a commit to MarkAckert/quickjs-profiling that referenced this issue Dec 18, 2024

Merge pull request bellard#3 from 1000TurquoisePogs/feature/add-opcod…

b4a8e74

…e-info Fix for opcode value overlap causing compile fail

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

heap-use-after-free at quickjs.h:661 #3

heap-use-after-free at quickjs.h:661 #3

kvenux commented Sep 14, 2020

bellard commented Oct 2, 2020

heap-use-after-free at quickjs.h:661 #3

heap-use-after-free at quickjs.h:661 #3

Comments

kvenux commented Sep 14, 2020

Build environment:

POC

Description

bellard commented Oct 2, 2020