[Nasm-bugs] [Bug 3392645] New: stack-overflow in scan at stdscan.c:131

[noreply-nasm at dev.nasm.us]

https://bugzilla.nasm.us/show_bug.cgi?id=3392645

            Bug ID: 3392645
           Summary: stack-overflow in scan at stdscan.c:131
           Product: NASM
           Version: 2.15 (development)
          Hardware: PC
                OS: Linux
            Status: OPEN
          Severity: normal
          Priority: Medium
         Component: Assembler
          Assignee: nobody at nasm.us
          Reporter: prada960808 at gmail.com
                CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
                    hpa at zytor.com, nasm-bugs at nasm.us
     Obtained from: Built from git using configure

Created attachment 411756
  --> https://bugzilla.nasm.us/attachment.cgi?id=411756&action=edit
poc

Hi, 
I found a stack-overflow in scan at stdscan.c:131
It is triggered in nasm version 2.15.
NASM version 2.15rc0-20191023 compiled on Dec  9 2019

Please run following command
$ nasm -o /dev/null -f win64 $PoC

Here's ASAN log
==303==ERROR: AddressSanitizer: stack-overflow on address 0x7fffe3d12ed8 (pc
0x0000004d7a4c bp 0x7fffe3d13750 sp 0x7fffe3d12ee0 T0)
    #0 0x4d7a4b in __asan_memset
(/mnt/hda2/suhwan/BUG_AFL/ezxml_fuzzing/nasm+0x4d7a4b)
    #1 0x6d7461 in stdscan
/home/suhwan/project/program/nasm-2.15rc0-20191023/asm/stdscan.c:131:5
    #2 0x6bd797 in scan
/home/suhwan/project/program/nasm-2.15rc0-20191023/asm/eval.c:263:17
    #3 0x6bd797 in expr6
/home/suhwan/project/program/nasm-2.15rc0-20191023/asm/eval.c:838

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.