Debugging https://bugs.chromium.org/p/project-zero/issues/detail?id=1534 …, I see a NULL ptr rather than an obvious Use-After-Free. Is @ChakraCore not using the Windows Heap and does page heap therefore not apply to Chakra allocations? Is there a way to force Chakra to use the Windows heap so I can use page heap?
Is there a test or debug build of Edge? If so, where do I find it, and how do I pass arguments, seeing as UWP apps only accept one argument?
-
I don't think there are any public debug builds of Edge. Unfortunately, if you want page heap for the Chakra heap, you are limited to ch.exe.
-
That's bad news as it effectively means that one cannot really debug this issue or any other issue that involves browser APIs. Also, all the null pointers I found are now suspect; any one of them may hide a UAF :/
-
@MicrosoftEdge Is there any chance of the Edge team (regularly) releasing a debug build for use by external security researchers? External fuzzing has historically contributed greatly to MSIE and Edge security, so facilitating that should have obvious benefits.
Source code file and line number in the pdb would also be great, as it can easily be mapped to ChakraCore on github.