You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is a problem with CTinyJS :: term. In the TinyJS.cpp: 1813 line, a null pointer reference is triggered, as shown in the figure:
The reason for the vulnerability is that when the temporary assignment variable b is generated, it is not verified whether b is empty, and then b-> var refers to b, which causes the vulnerability.
PoC construction
In the process of declaring a variable, a null pointer can be caused by adding a null character after "*".
That is, a null character is added after the multiplication symbol.
The text was updated successfully, but these errors were encountered:
Enviroment
poc:
https://drive.google.com/open?id=1S3o5dJNvjp19QdkdgZsg2YRAb6G_2Wfy
vulnerability description:
It is a problem with CTinyJS :: term. In the TinyJS.cpp: 1813 line, a null pointer reference is triggered, as shown in the figure:
The reason for the vulnerability is that when the temporary assignment variable b is generated, it is not verified whether b is empty, and then b-> var refers to b, which causes the vulnerability.
PoC construction
In the process of declaring a variable, a null pointer can be caused by adding a null character after "*".
That is, a null character is added after the multiplication symbol.
The text was updated successfully, but these errors were encountered: