[Nasm-bugs] [Bug 3392778] New: SEGFAULT in nasm at preproc.c:5092

noreply-nasm at dev.nasm.us noreply-nasm at dev.nasm.us
Tue Aug 31 05:34:50 PDT 2021

Previous message (by thread): [Nasm-bugs] [Bug 3392777] New: [FEATURE REQUEST] Support for LC_BUILD_VERSION in macho output
Next message (by thread): [Nasm-bugs] [Bug 3392779] New: Use-after-free in nasm at preproc:7257
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://bugzilla.nasm.us/show_bug.cgi?id=3392778

            Bug ID: 3392778
           Summary: SEGFAULT in nasm at preproc.c:5092
           Product: NASM
           Version: unspecified
          Hardware: All
                OS: Linux
            Status: OPEN
          Severity: normal
          Priority: Medium
         Component: Assembler
          Assignee: nobody at nasm.us
          Reporter: irfanariqzaki at gmail.com
                CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
                    hpa at zytor.com, nasm-bugs at nasm.us
     Obtained from: Built from git using configure

Created attachment 411824
  --> https://bugzilla.nasm.us/attachment.cgi?id=411824&action=edit
poc and full stack trace

Hello,

We are currently working on fuzz testing feature, and we found a crash on nasm.

The stack traces are as follow:
==620==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
0x564c4dfe4cbc bp 0x7ffde62d0940 sp 0x7ffde62d08b0 T0)
==620==The signal is caused by a READ memory access.
==620==Hint: address points to the zero page.
    #0 0x564c4dfe4cbb in paste_tokens asm/preproc.c:5092
    #1 0x564c4dfe65ca in expand_mmac_params asm/preproc.c:5386
    #2 0x564c4dfefdda in pp_tokline asm/preproc.c:7258
    #3 0x564c4dff03a4 in pp_getline asm/preproc.c:7328
    #4 0x564c4dfa6b77 in assemble_file asm/nasm.c:1722
    #5 0x564c4dfa20e6 in main asm/nasm.c:717
    #6 0x7fc69d2a4bf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #7 0x564c4df9f699 in _start (.../nasm-git/install_asan/bin/nasm+0x111699)
The full stack trace and output are attached.

**Step to reproduce**

We configured `nasm` using 

$ CFLAGS="-g -O0 -fsanitize=address" ./configure

and built it using 

$ make -j10; make install

and run it with:

$ ./nasm <attached file> -o /dev/null

The poc input is attached

**Environment**

- OS: Ubuntu 18.04.5 LTS
- GCC version: gcc 7.5.0
- nasm version: github master branch commit (e2ed7b7)
(https://github.com/netwide-assembler/nasm/tree/e2ed7b7e125e03646d3be537b11d1b46b9c3f506)

Thank you.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are on the CC list for the bug.

Previous message (by thread): [Nasm-bugs] [Bug 3392777] New: [FEATURE REQUEST] Support for LC_BUILD_VERSION in macho output
Next message (by thread): [Nasm-bugs] [Bug 3392779] New: Use-after-free in nasm at preproc:7257
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Nasm-bugs mailing list