185645 – null pointer in JSC::jsSubstringOfResolved

NEW185645

null pointer in JSC::jsSubstringOfResolved

https://bugs.webkit.org/show_bug.cgi?id=185645

Summary null pointer in JSC::jsSubstringOfResolved

zhunkibatu

Reported 2018-05-15 01:16:52 PDT

Created attachment 340396 [details] poc.js 1 0x7f7beb34ef40 WTFCrash 2 0x7f7be93c88f9 JSC::jsSubstringOfResolved(JSC::VM&, JSC::GCDeferralContext*, JSC::JSString*, unsigned int, unsigned int) 3 0x7f7be9398ee3 JSC::RegExpObject::execInline(JSC::ExecState*, JSC::JSGlobalObject*, JSC::JSString*) 4 0x7f7ba1cfe185 Illegal instruction

Attachments
poc.js (59 bytes, application/javascript) 2018-05-15 01:16 PDT, zhunkibatu	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2018-05-17 12:50:08 PDT

I cannot reproduce this. Could you please attach a crash log? The version field says Safari 10. That version is old. Does this reproduce for you with Safari 11.1?

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Trivial

Classification Unclassified

Version Safari 10

Hardware PC

OS iOS 11

Product WebKit

Component JavaScriptCore

Assignee

Nobody

Reported

2018-05-15 01:16 PDT

Modified

2018-05-17 12:50 PDT History

CC List

1 user Show

URL

Keywords

Depends on

Blocks