Vulnerability Key Information Title: ChaiScript develop branch Uncontrolled Recursion Description: A stack overflow vulnerability has been identified in ChaiScript. When a user-defined operator recursively calls itself within a string interpolation block, it triggers a crash. The engine fails to detect infinite recursion, leading to stack exhaustion and a hard crash (SEGV). Environment: - Operating System: Linux x86_64 - Compiler: Clang - Build Configuration: Release mode with ASan enabled Vulnerability Details: - Target: ChaiScript - Vulnerability Type: CWE-674: Uncontrolled Recursion (Stack Overflow) - Function: / - Location: (deep recursion occurs during evaluation loop) - Root Cause Analysis: The PoC defines a recursive operator. Code Example: When is executed, it invokes the custom operator. Inside the function body, the same operator is immediately called again, creating an infinite chain within . ChaiScript appears to lack sufficient protection against this specific recursive pattern, resulting in stack exhaustion and a crash.