[Nasm-bugs] [Bug 3392727] stack-use-after-scope on preproc.c:5225

noreply-nasm at dev.nasm.us
Sun Jan 3 18:25:59 PST 2021


https://bugzilla.nasm.us/show_bug.cgi?id=3392727

734222792 at qq.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |734222792 at qq.com

--- Comment #2 from 734222792 at qq.com ---
(In reply to Igor Munkin from comment #1)
> I see no UAF on the bleeding master (79ac0d6) but rather leakage:
> 
> $ ./nasm --version
> NASM version 2.16rc0 compiled on Jan  3 2021
> $ ./nasm -f bin POC -o tmp
> POC:1: error: label or instruction expected at start of line
> POC:3: warning: label alone on a line without a colon might be in error
> [-w+label-orphan]
> POC:4: error: label or instruction expected at start of line
> POC:5: warning: label alone on a line without a colon might be in error
> [-w+label-orphan]
> POC:7: error: parser: instruction expected
> POC:8: warning: unterminated string [-w+other]
> POC:8: error: label or instruction expected at start of line
> POC:9: error: label or instruction expected at start of line
> POC:10: warning: label alone on a line without a colon might be in error
> [-w+label-orphan]
> POC:12: warning: label alone on a line without a colon might be in error
> [-w+label-orphan]
> POC:13: warning: unterminated string [-w+other]
> POC:13: error: expression syntax error
> POC:14: warning: unterminated string [-w+other]
> POC:14: error: label or instruction expected at start of line
> POC:15: error: comma, colon, decorator or end of line expected after operand
> POC:18: error: label or instruction expected at start of line
> POC:19: error: invalid size type for `%local' missing directive
> POC:20: error: label or instruction expected at start of line
> POC:21: error: `%endrep': no matching `%rep'
> POC:22: error: parser: instruction expected
> POC:23: error: label or instruction expected at start of line
> POC:24: warning: label alone on a line without a colon might be in error
> [-w+label-orphan]
> POC:25: error: parser: instruction expected
> POC:26: warning: unterminated %[ construct [-w+other]
> POC:26: error: parser: instruction expected
> POC:28: error: parser: instruction expected
> POC:29: error: label or instruction expected at start of line
> 
> =================================================================
> ==5794==ERROR: LeakSanitizer: detected memory leaks
> 
> Direct leak of 11 byte(s) in 1 object(s) allocated from:
>     #0 0x7f28e2bc9908 in __interceptor_malloc
> /var/tmp/portage/sys-devel/gcc-9.3.0-r1/work/gcc-9.3.0/libsanitizer/asan/
> asan_malloc_linux.cc:144
>     #1 0x556bbd8dbf66 in nasm_malloc nasmlib/alloc.c:55
>     #2 0x556bbd8dc3b3 in nasm_strcat nasmlib/alloc.c:139
>     #3 0x556bbd910e1f in find_label asm/labels.c:235
>     #4 0x556bbd911424 in lookup_label asm/labels.c:277
>     #5 0x556bbd965d76 in expr6 asm/eval.c:971
>     #6 0x556bbd964ff0 in expr6 asm/eval.c:859
>     #7 0x556bbd963e94 in expr5 asm/eval.c:627
>     #8 0x556bbd963dcc in expr4 asm/eval.c:602
>     #9 0x556bbd963b7f in expr3 asm/eval.c:563
>     #10 0x556bbd963a6b in expr2 asm/eval.c:537
>     #11 0x556bbd963959 in expr1 asm/eval.c:511
>     #12 0x556bbd963847 in expr0 asm/eval.c:485
>     #13 0x556bbd963557 in rexp3 asm/eval.c:422
>     #14 0x556bbd963437 in rexp2 asm/eval.c:396
>     #15 0x556bbd963314 in rexp1 asm/eval.c:369
>     #16 0x556bbd9631f3 in rexp0 asm/eval.c:342
>     #17 0x556bbd963101 in cexpr asm/eval.c:305
>     #18 0x556bbd9630f2 in bexpr asm/eval.c:298
>     #19 0x556bbd9664f5 in evaluate asm/eval.c:1032
>     #20 0x556bbd91eca0 in parse_line asm/parser.c:994
>     #21 0x556bbd8d7cb0 in assemble_file asm/nasm.c:1735
>     #22 0x556bbd8d0ed4 in main asm/nasm.c:717
>     #23 0x7f28e1fbdeda in __libc_start_main (/lib64/libc.so.6+0x23eda)
> 
> SUMMARY: AddressSanitizer: 11 byte(s) leaked in 1 allocation(s).

I use NASM 2.15.05 from GitHub.
