
Stack-overflow in JS_GetPropertyInternal2 #776

Closed
@Hanseltu

Description

Hi,

The following test input (input.js) causes a stack-overflow issue in qjs.

$cat input.js
function f(aqqusxkzn) {
var abudgcquf;
f.apply(null, ['']);
}
f('')

$./qjs input.js
ASAN:DEADLYSIGNAL
=================================================================
==27669==ERROR: AddressSanitizer: stack-overflow on address 0x7fffff7fef18 (pc 0x5555556f97fa bp 0x7fffff7ff210 sp 0x7fffff7feea0 T0)
    #0 0x5555556f97f9 in JS_GetPropertyInternal2 /home/benchmarks/quickjs/quickjs.c:7357
    #1 0x5555556faedd in JS_GetProperty /home/benchmarks/quickjs/quickjs.c:7510
    #2 0x5555557db985 in js_get_length32 /home/benchmarks/quickjs/quickjs.c:37557
    #3 0x5555557dbdff in build_arg_list /home/benchmarks/quickjs/quickjs.c:37603
    #4 0x5555557dc582 in js_function_apply /home/benchmarks/quickjs/quickjs.c:37653
    #5 0x55555572b2de in js_call_c_function /home/benchmarks/quickjs/quickjs.c:14727
    #6 0x55555572d0f1 in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:14928
    #7 0x55555573492b in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:15340
    #8 0x555555751627 in JS_Call /home/benchmarks/quickjs/quickjs.c:17451
    #9 0x5555557dc6b5 in js_function_apply /home/benchmarks/quickjs/quickjs.c:37659
    #10 0x55555572b2de in js_call_c_function /home/benchmarks/quickjs/quickjs.c:14727
    #11 0x55555572d0f1 in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:14928
    #12 0x55555573492b in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:15340
    #13 0x555555751627 in JS_Call /home/benchmarks/quickjs/quickjs.c:17451
    #14 0x5555557dc6b5 in js_function_apply /home/benchmarks/quickjs/quickjs.c:37659
    #15 0x55555572b2de in js_call_c_function /home/benchmarks/quickjs/quickjs.c:14727
    #16 0x55555572d0f1 in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:14928
    #17 0x55555573492b in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:15340
    ... // omit the same stack trace information
    #244 0x5555557dc6b5 in js_function_apply /home/benchmarks/quickjs/quickjs.c:37659
    #245 0x55555572b2de in js_call_c_function /home/benchmarks/quickjs/quickjs.c:14727
    #246 0x55555572d0f1 in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:14928
    #247 0x55555573492b in JS_CallInternal /home/benchmarks/quickjs/quickjs.c:15340
    #248 0x555555751627 in JS_Call /home/benchmarks/quickjs/quickjs.c:17451
    #249 0x5555557dc6b5 in js_function_apply /home/benchmarks/quickjs/quickjs.c:37659
    #250 0x55555572b2de in js_call_c_function /home/benchmarks/quickjs/quickjs.c:14727

SUMMARY: AddressSanitizer: stack-overflow /home/benchmarks/quickjs/quickjs.c:7357 in JS_GetPropertyInternal2
==27669==ABORTING
Compilation command: cmake -DCMAKE_C_COMPILER=gcc -DCMAKE_BUILD_TYPE=Debug -DCMAKE_C_FLAGS="-fsanitize=address -ldl -static-libasan" -DCMAKE_INSTALL_PREFIX=/home/benchmarks/quickjs/build .. and make -j12.
Compiler version: gcc-7.5.0.
System: ubuntu 18.04.
quickjs version: master (74fd4d7).

Thanks.
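The reproducer above recurses through Function.prototype.apply rather than through a plain call, and the trace shows the native frames of js_function_apply / build_arg_list / JS_GetProperty stacking up until the C stack is exhausted. The check a practitioner wants after a report like this is that the engine's recursion limit fires on every re-entry path, not only on direct calls, and that it surfaces as a catchable RangeError instead of a native crash. The following is an added example, not code from the issue or from QuickJS; it was written against Node.js, and the helper names (probe, directCall, applyCall, callCall, reflectApply) are the author's own.

```javascript
// Added example (not part of the issue): drive the same unbounded-recursion
// pattern through several call mechanisms and record whether the engine
// stopped it with a RangeError. Written for Node.js; QuickJS behaviour on the
// apply path is what the report above describes (a native stack overflow).

// Run one recursion probe. makeCall(f) must re-enter f using the call
// mechanism under test. Returns what happened rather than printing it so
// the result can be asserted on.
function probe(makeCall) {
  let depth = 0;
  function f() {
    depth++;
    makeCall(f); // unbounded: every level re-enters f until the engine stops it
  }
  try {
    f();
    // Unreachable in a conforming engine: recursion must terminate with an error.
    return { caught: false, isRangeError: false, depth };
  } catch (e) {
    return {
      caught: true,
      isRangeError: e instanceof RangeError,
      name: e && e.name,
      depth,
    };
  }
}

// Plain call: the path most engines check first.
function directCall(f) {
  f('');
}

// Function.prototype.apply: the exact shape of input.js in the report.
function applyCall(f) {
  f.apply(null, ['']);
}

// Function.prototype.call: sibling built-in that re-enters the callee natively.
function callCall(f) {
  f.call(null, '');
}

// Reflect.apply: a third native re-entry path worth covering in the same check.
function reflectApply(f) {
  Reflect.apply(f, null, ['']);
}

// Run every path and report which ones the engine handled safely.
// A path "passes" when recursion ended in a RangeError (no process crash).
function checkAllPaths() {
  const paths = { directCall, applyCall, callCall, reflectApply };
  const results = {};
  for (const [name, makeCall] of Object.entries(paths)) {
    results[name] = probe(makeCall);
  }
  return results;
}

// Convenience: true only if every path ended in a catchable RangeError.
function allPathsSafe() {
  return Object.values(checkAllPaths()).every((r) => r.caught && r.isRangeError);
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const [name, r] of Object.entries(checkAllPaths())) {
    console.log(`${name}: caught=${r.caught} RangeError=${r.isRangeError} depth=${r.depth}`);
  }
}
```

Under an engine with a working depth limit every path reports a RangeError after some finite depth; a path that instead terminates the process is the condition the report documents, and the depth figure shows roughly how many frames were reachable before the limit fired.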
