[Nasm-bugs] [Bug 3392743] New: Heap-buffer-overflow in preproc.c
noreply-nasm at dev.nasm.us
Tue Feb 23 04:29:58 PST 2021
https://bugzilla.nasm.us/show_bug.cgi?id=3392743
Bug ID: 3392743
Summary: Heap-buffer-overflow in preproc.c
Product: NASM
Version: 2.16 (development)
Hardware: All
OS: All
Status: OPEN
Severity: normal
Priority: Medium
Component: Assembler
Assignee: nobody at nasm.us
Reporter: dz1833006 at smail.nju.edu.cn
CC: chang.seok.bae at intel.com, gorcunov at gmail.com, hpa at zytor.com, nasm-bugs at nasm.us
Obtained from: Built from git using configure
Created attachment 411812
--> https://bugzilla.nasm.us/attachment.cgi?id=411812&action=edit
poc file
Version: github-master branch commit:6d95cc8 (2021.2.22)
Cmd: nasm poc -o tmp
Build options:
1. sh autogen.sh
2. CC=clang CXX=clang++ CFLAGS="-fsanitize=address" ./configure --enable-gdb
3. make
ASAN:
==163062==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000003bb8 at pc 0x000000558342 bp 0x7ffda3013d70 sp 0x7ffda3013d68
READ of size 4 at 0x602000003bb8 thread T0
#0 0x558341 in expand_mmacro /nasm/nasm-master/asm/preproc.c:6627:25
#1 0x537192 in pp_tokline /nasm/nasm-master/asm/preproc.c:7310:18
#2 0x534ad9 in pp_getline /nasm/nasm-master/asm/preproc.c:7322:17
#3 0x4f0937 in assemble_file /nasm/nasm-master/asm/nasm.c:1722:24
#4 0x4eed0d in main /nasm/nasm-master/asm/nasm.c:717:9
#5 0x7fd07cbaf0b2 in __libc_start_main /build/glibc-ZN95T4/glibc-2.31/csu/../csu/libc-start.c:308:16
#6 0x41c42d in _start (/nasm/nasm-master/nasm+0x41c42d)
0x602000003bb8 is located 0 bytes to the right of 8-byte region [0x602000003bb0,0x602000003bb8)
allocated by thread T0 here:
#0 0x4c0117 in calloc /llvm/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
#1 0x4fa91c in nasm_calloc /nasm/nasm-master/nasmlib/alloc.c:72:9
#2 0x557e54 in expand_mmacro /nasm/nasm-master/asm/preproc.c:6582:5
#3 0x537192 in pp_tokline /nasm/nasm-master/asm/preproc.c:7310:18
#4 0x534ad9 in pp_getline /nasm/nasm-master/asm/preproc.c:7322:17
#5 0x4f0937 in assemble_file /nasm/nasm-master/asm/nasm.c:1722:24
#6 0x4eed0d in main /nasm/nasm-master/asm/nasm.c:717:9
#7 0x7fd07cbaf0b2 in __libc_start_main /build/glibc-ZN95T4/glibc-2.31/csu/../csu/libc-start.c:308:16
SUMMARY: AddressSanitizer: heap-buffer-overflow /nasm/nasm-master/asm/preproc.c:6627:25 in expand_mmacro
Shadow bytes around the buggy address: