ladybird/Userland/Libraries/LibJS/Runtime/GlobalObject.cpp at 4e2a961a3deb3c738dd3545381fe18602927a8a9

mirror of https://github.com/LadybirdBrowser/ladybird synced 2026-04-30 03:27:15 +02:00

Files

Andreas Kling 7df3b95126 LibJS: GlobalObject must mark builtin prototypes

Failing to mark them leads to use-after-free since the GlobalObject
cached prototypes are used for new NumberObject, StringObject, etc.

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30319

2021-02-05 14:53:16 +01:00

11 KiB

Raw Blame History

View Raw

11 KiB Raw Blame History

11 KiB

Raw Blame History