Watch for CVE coming out of Bigsleep

[Sytten]

Google released bigsleep and found a number of vulns in quickjs. It is not public yet, but we should expect that some will be applicable here. https://goo.gle/bigsleep

[guest271314]

I wonder Google's program says about user vulnerability due to biometric PII fingerprinting via Google Chrome recording users' voices and sending that data to remote Google servers for Web Speech API SpeechRecognition (since STT and TTS are not shipped in the browser)?

[past-due]

Commits to review for merging:

• fixed buffer overflow in js_bigint_from_string()
  • bellard/quickjs@e1c18be (may apply more easily once Port bellard/quickjs "dtoa library" commits #1142 is merged)
• fixed crash in OP_add_loc if the variable is modified in JS_ToPrimitiveFree()
  • bellard/quickjs@1168c21
• fixed buffer overflow in js_bigint_to_string1()
  • bellard/quickjs@9ce5442
• fixed buffer overflow in TypedArray.prototype.lastIndexOf()
  • bellard/quickjs@c927eca
• avoid side effects in JS_PrintValue() which may lead to crashes in print() and js_std_promise_rejection_check()
  • bellard/quickjs@4e0d0b7
• limit function and regexp bytecode to 1G to avoid buffer overflows (the bytecode generators assume that bytecode offsets can fit a 32 bit signed integer
  • bellard/quickjs@d9ec8f1