The optimizer did not properly reset its internal state at jump destinations, which could lead to data corruption.
The optimizer performs symbolic execution at certain stages. At jump destinations, multiple code paths join and thus it has to compute a common state from the incoming edges. Computing this common state was not done correctly. This bug can cause data corruption, but it is probably quite hard to use for targeted attacks. - First Introduced: - Fixed in Version: 0.3.6 - Published: - Severity<: low - Optimizer Used: true