[Nasm-bugs] [Bug 3392637] New: Segmentation Fault in ieee_segment()

noreply-nasm at dev.nasm.us noreply-nasm at dev.nasm.us
Sun Dec 8 20:11:41 PST 2019

Previous message (by thread): [Nasm-bugs] [Bug 3392636] New: Heap-buffer-overflow in preproc.c
Next message (by thread): [Nasm-bugs] [Bug 3392638] New: An StackOverflow was discovered in the function expr3 in asm/eval.c through nasm-2.14.02
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://bugzilla.nasm.us/show_bug.cgi?id=3392637

            Bug ID: 3392637
           Summary: Segmentation Fault in ieee_segment()
           Product: NASM
           Version: 2.15 (development)
          Hardware: PC
                OS: Linux
            Status: OPEN
          Severity: normal
          Priority: Medium
         Component: Assembler
          Assignee: nobody at nasm.us
          Reporter: prada960808 at gmail.com
                CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
                    hpa at zytor.com, nasm-bugs at nasm.us
     Obtained from: Build from source archive using configure

Created attachment 411751
  --> https://bugzilla.nasm.us/attachment.cgi?id=411751&action=edit
poc

Hi, 
I found Segmentation Fault in ieee_segment() at output/outieee.c:705:18
It is triggered in nasm version 2.15 and nasm-2.14.03rc2.
Please run following command

  nasm -f ieee -o /dev/null $PoC

Here's ASAN log

==8545==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x00000042e7f0 bp 0x7ffecb7c3590 sp 0x7ffecb7c2d10 T0)
==8545==The signal is caused by a READ memory access.
==8545==Hint: address points to the zero page.
    #0 0x42e7ef in __interceptor_strcmp
/tmp/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc
    #1 0x953e76 in ieee_segment nasm-2.15rc0-20191023/output/outieee.c:705:18
    #2 0x5359f7 in process_directives
nasm-2.15rc0-20191023/asm/directiv.c:243:23
    #3 0x4f061b in assemble_file nasm-2.15rc0-20191023/asm/nasm.c:1639:17
    #4 0x4f061b in main nasm-2.15rc0-20191023/asm/nasm.c:637
    #5 0x7f0b02e3eb96 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #6 0x41abc9 in _start (nasm+0x41abc9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV
/tmp/final/llvm.src/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc
in __interceptor_strcmp
==8545==ABORTING

NASM version 2.15rc0-20191023 compiled on Dec  9 2019

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.

Previous message (by thread): [Nasm-bugs] [Bug 3392636] New: Heap-buffer-overflow in preproc.c
Next message (by thread): [Nasm-bugs] [Bug 3392638] New: An StackOverflow was discovered in the function expr3 in asm/eval.c through nasm-2.14.02
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Nasm-bugs mailing list