[Nasm-bugs] [Bug 3392531] There is a heap-use-after-free at asm/preproc.c:5055(function:pp_getline) in nasm2.14rc16 that will cause dos attack.
noreply-nasm at gorcunov.org
Thu Jan 31 15:21:50 PST 2019
https://bugzilla.nasm.us/show_bug.cgi?id=3392531
sgayou at redhat.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sgayou at redhat.com
--- Comment #1 from sgayou at redhat.com ---
Believe I reduced this to:
```
%macro a
%unmacro a
%endmacro
%eunmacro a
```
Returning early (false) in parse_mmacro_spec here:
```
error(ERR_NONFATAL, "`%s' expects a parameter count", directive);
return false;
```
seems to prevent the UAF. Stopped investigating at that point, was just trying
to prove to myself this was different than another very similar CVE.