Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-3388 is a stack overflow vulnerability in the Squirrel programming language compiler, specifically in the functions SQCompiler::Factor and SQCompiler::UnaryOP within the file squirrel/sqcompiler.cpp.'}, {'type': 'paragraph', 'content': "The vulnerability arises because the compiler processes unary operators (such as logical NOT '!' or negation '-') recursively without any limit on recursion depth. The functions SQCompiler::Factor, SQCompiler::UnaryOP, and SQCompiler::PrefixedExpr call each other repeatedly for each unary operator encountered, creating an uncontrolled recursion loop."}, {'type': 'paragraph', 'content': 'This uncontrolled recursion leads to stack exhaustion and a crash, causing a denial of service. The issue can be triggered by providing a script with a long chain of unary operators, which causes the compiler to overflow the stack and crash.'}] [1, 4]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by causing a denial of service (DoS) on systems running the affected Squirrel compiler versions up to 3.2.

An attacker with local access can exploit this vulnerability by providing specially crafted input containing deeply nested unary operators, which triggers uncontrolled recursion and stack exhaustion, leading to a crash of the compiler.

The impact is limited to availability, as the vulnerability does not affect confidentiality or integrity, but it can disrupt normal operations by crashing the compiler.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by compiling the Squirrel compiler with AddressSanitizer (ASan) enabled and running it on a script containing a long chain of unary operators (e.g., multiple logical NOTs '!!!!!!...'). The uncontrolled recursion will cause a stack overflow and crash, which ASan will report."}, {'type': 'paragraph', 'content': 'To reproduce and detect the issue, you can use the publicly available proof-of-concept input that triggers the stack overflow by feeding it to the Squirrel compiler built with ASan and Release mode.'}, {'type': 'paragraph', 'content': 'No specific network detection commands are applicable since the attack requires local access and manipulation of the compiler input.'}, {'type': 'list_item', 'content': 'Build Squirrel compiler with ASan enabled and Release optimization.'}, {'type': 'list_item', 'content': "Run the compiler with a test script containing a long chain of unary operators, for example: a script with many '!' or '-' unary operators in sequence."}, {'type': 'list_item', 'content': 'Observe for stack overflow crashes or ASan reports indicating uncontrolled recursion.'}] [1, 4]

Useful 0 Not Useful 0

Mitigation Strategies

Currently, no known countermeasures or patches have been provided by the project maintainers.

Immediate mitigation steps include avoiding local execution of untrusted or maliciously crafted scripts containing deeply nested unary operators in the Squirrel compiler.

Consider replacing the affected Squirrel compiler version (up to 3.2) with an alternative or patched version once available.

Monitor for updates from the project or security advisories for any forthcoming fixes.

Useful 0 Not Useful 0