Closed
Description
JerryScript revision
Build platform
Ubuntu 16.04.6 LTS (Linux 4.15.0-99-generic x86_64)
Build steps
./tools/build.py --clean --debug --compile-flag=-fsanitize=address \
--compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer \
--compile-flag=-fno-common --compile-flag=-g --strip=off \
--system-allocator=on --logging=on --linker-flag=-fuse-ld=gold \
--error-messages=on --profile=es2015-subset --lto=off
Test case
this.RegExp.prototype.constructor = /'(detailForm:j_id\d+)'[^>]+>[^>]+Export to XLS format/;
assert(!!"xabcxabcx".replace (/abc/g, "[$&][$`][$']")(r) && !!bad.match(r));
Output
ICE: Assertion 'ecma_object_is_constructor (ctor_obj_p)' failed at /home/JerryScript/jerry-core/ecma/operations/ecma-function-object.c(ecma_op_get_prototype_from_constructor):787.
Error: ERR_FAILED_INTERNAL_ASSERTION
Aborted
Credits: This vulnerability is detected by chong from OWL337.