Closed
Bug 1558327
Opened 6 years ago
Closed 6 years ago
AddressSanitizer: heap-use-after-free [@ end] with READ of size 8 through [@ js::ProxyObject::nuke]
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1556933
| Tracking | Status | |
|---|---|---|
| firefox69 | --- | fixed |
People
(Reporter: decoder, Unassigned)
Details
(Keywords: crash, regression, Whiteboard: [adv-main69-])
Attachments
(1 file)
|
18.49 KB,
text/plain
|
Details |
The attached crash information was submitted via the ASan Nightly Reporter on mozilla-central-asan-nightly revision 69.0a1-20190604034844-https://hg.mozilla.org/mozilla-central/rev/c909c105f914f69054b9a7c6b189ee39fa1cad44.
For detailed crash information, see attachment.
|
Reporter | |
Comment 1•6 years ago
|
||
|
|
Reporter | |
Updated•6 years ago
|
Flags: sec-bounty?
|
||
Comment 3•6 years ago
|
||
This looks a lot like https://bugzilla.mozilla.org/show_bug.cgi?id=1556933.
|
|
Reporter | |
Comment 4•6 years ago
|
||
Yes, it is your crash, duping.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: sec-bounty?
Resolution: --- → DUPLICATE
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
Whiteboard: [adv-main69-]
|
||
Updated•2 years ago
|
Group: javascript-core-security
Type: task → defect
You need to log in
before you can comment on or make changes to this bug.
Description
•