Squirrel Uncontrolled Recursion Vulnerability in Compiler
Vulnerability
A stack overflow vulnerability due to uncontrolled recursion has been identified in the Squirrel programming language compiler, specifically in versions up to 3.2. The issue arises in the 'SQCompiler::Factor' and 'SQCompiler::UnaryOP' functions within 'squirrel/sqcompiler.cpp'. This vulnerability allows for deep recursion when the parser processes scripts with heavily nested unary operators, such as multiple logical NOTs. The lack of a depth limit in the recursion handling leads to excessive stack usage, causing a crash. This vulnerability requires local exploitation and has a public proof-of-concept available.
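The mitigation the description implies is a depth counter threaded through the mutually recursive parser functions so that pathological nesting is rejected with a diagnostic instead of exhausting the native stack. The following is an added example, not Squirrel's code: a minimal recursive-descent parser in the same shape as a Factor/UnaryOP pair, handling prefix `!`, `-` and `~` applied to an identifier. The names (`unary_demo`, `Parser`, `parseUnary`) and the limit `kMaxUnaryDepth` are assumptions chosen for this illustration.

```cpp
// Added example (not Squirrel's sqcompiler.cpp): a tiny recursive-descent
// parser for nested prefix unary operators with an explicit recursion limit.
#include <cstddef>
#include <cstdio>
#include <string>

namespace unary_demo {

// Assumption: a demo-only bound; a real compiler would pick a value well
// below what the platform stack can hold for its frame size.
constexpr std::size_t kMaxUnaryDepth = 256;

enum class Status { Ok, TooDeep, SyntaxError };

struct ParseResult {
    Status status;
    std::size_t depth;  // deepest count of nested unary operators reached
};

class Parser {
public:
    explicit Parser(std::string src) : src_(std::move(src)), pos_(0) {}

    // Parse one expression and require that all input was consumed.
    ParseResult parse() {
        std::size_t maxDepth = 0;
        Status s = unaryOp(0, maxDepth);
        if (s == Status::Ok && pos_ != src_.size()) s = Status::SyntaxError;
        return {s, maxDepth};
    }

private:
    static bool isUnary(char c) { return c == '!' || c == '-' || c == '~'; }
    static bool isIdent(char c) {
        return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || c == '_';
    }

    // Each prefix operator costs one more recursive frame, exactly the
    // pattern that becomes a stack overflow when unbounded. The depth
    // parameter is the mitigation: past kMaxUnaryDepth the parser returns
    // TooDeep instead of descending further.
    Status unaryOp(std::size_t depth, std::size_t& maxDepth) {
        if (depth > kMaxUnaryDepth) return Status::TooDeep;
        if (depth > maxDepth) maxDepth = depth;
        if (pos_ < src_.size() && isUnary(src_[pos_])) {
            ++pos_;
            return unaryOp(depth + 1, maxDepth);
        }
        return factor();
    }

    // Terminal production: a single identifier.
    Status factor() {
        if (pos_ >= src_.size() || !isIdent(src_[pos_])) return Status::SyntaxError;
        while (pos_ < src_.size() && isIdent(src_[pos_])) ++pos_;
        return Status::Ok;
    }

    std::string src_;
    std::size_t pos_;
};

// Convenience entry point.
ParseResult parseUnary(const std::string& src) {
    Parser p(src);
    return p.parse();
}

}  // namespace unary_demo

int main() {
    // Constructed inputs: a short chain and a chain far past the limit.
    unary_demo::ParseResult ok = unary_demo::parseUnary("!!!x");
    unary_demo::ParseResult deep =
        unary_demo::parseUnary(std::string(100000, '!') + "x");
    std::printf("short: status=%d depth=%zu\n", static_cast<int>(ok.status), ok.depth);
    std::printf("deep:  status=%d depth=%zu\n", static_cast<int>(deep.status), deep.depth);
    return 0;
}
```

Without the `depth > kMaxUnaryDepth` check, the 100000-operator input would recurse once per character and crash in the same way the advisory describes; with it, the parser stops at the bound and reports `TooDeep` while the stack stays shallow. The same counter can be shared across every mutually recursive production in a compiler rather than only the unary path.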
Impact
Exploitation of this vulnerability causes a stack overflow, leading to a crash of the application.
Reproduction
The vulnerability can be reproduced by building Squirrel with release optimization and AddressSanitizer (ASan) enabled. The resulting binary is then run on a script file that triggers the vulnerability, which is available in the GitHub repository of the user 'oneafter'. The ASan report indicates a stack overflow error, confirming the crash.
