jsish

View Ticket
Login
Ticket UUID: 9602dbd997acd592fe63ca7b9f47a9bda499f2c1
Title: Illegal read in jsi_ObjArrayLookup
Status: Closed Type: Code_Defect
Severity: Critical Priority: Immediate
Subsystem: Javascript Resolution: Fixed
Last Modified: 2018-08-23 20:21:40
Version Found In: 2.4.70 2.047
User Comments:
mdominiak added on 2018-08-23 10:30:36:
Testcase:
[][6600000000]

Result:
Crash due to Segmentation fault

Stack trace (from valgrind):
==13835== Invalid read of size 8
==13835==    at 0x512321: jsi_ObjArrayLookup (jsiObj.c:274)
==13835==    by 0x445415: Jsi_ValueObjLookup (jsiValue.c:349)
==13835==    by 0x44F28E: jsi_ValueSubscript (jsiValue.c:1040)
==13835==    by 0x44FEC7: jsi_ValueSubscriptLen (jsiValue.c:1077)
==13835==    by 0x65355C: evalSubscript (jsiEval.c:1080)
==13835==    by 0x65355C: _jsi_evalcode (jsiEval.c:1272)
==13835==    by 0x65CD8C: jsi_evalcode (jsiEval.c:2089)
==13835==    by 0x65EE59: jsi_evalStrFile (jsiEval.c:2340)
==13835==    by 0x477563: Jsi_Interactive (jsiUtils.c:923)
==13835==    by 0x46D1CC: Jsi_Main (jsiInterp.c:661)
==13835==    by 0x426449: main (main.c:43)
==13835==  Address 0xfffffffc50dd9150 is not stack'd, malloc'd or (recently) free'd

pcmacdon added on 2018-08-23 20:21:40:
Fixed in Release 2.4.71. [0e5852c56835] at jsiObj.c:260