Microlight.js Null Pointer Dereference Vulnerability

A null pointer dereference vulnerability exists in Microlight.js version 0.0.7, a lightweight syntax highlighting library. The issue arises when the library processes elements with non-standard CSS color values. It fails to validate the outcome of a regular expression match before accessing its properties, which leads to an uncaught TypeError and a potential application crash. This vulnerability can cause a denial-of-service condition by crashing browser tabs running applications that use Microlight.js, creating unstable user experiences, and potentially leading to data loss if a user has unsaved work in the affected browser tab.

Impact

Exploitation of this vulnerability causes a denial-of-service condition, leading to an application crash.

Reproduction

To reproduce this vulnerability, create HTML elements with the 'microlight' class and set their CSS color property to non-standard values that do not match the expected RGB or RGBA format, such as 'transparent', 'inherit', 'initial', 'unset', 'none', or 'invalidcolor'. After applying these color values, call the 'microlight.reset()' function to trigger the highlighting process. The absence of a crash indicates that the vulnerability has not been successfully exploited.

Remediation

The vulnerability can be addressed by adding proper validation for the 'colorArr' variable before accessing its properties. The updated code should include a default value in case the regular expression match fails.