[Nasm-bugs] [Bug 3392756] New: Infinite loop in function paste_tokens() in asm/preproc.c
noreply-nasm at dev.nasm.us
Tue May 11 21:24:57 PDT 2021
https://bugzilla.nasm.us/show_bug.cgi?id=3392756
Bug ID: 3392756
Summary: Infinite loop in function paste_tokens() in
asm/preproc.c
Product: NASM
Version: 2.16 (development)
Hardware: All
OS: All
Status: OPEN
Severity: normal
Priority: Medium
Component: Assembler
Assignee: nobody at nasm.us
Reporter: polaalemu at gmail.com
CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
hpa at zytor.com, nasm-bugs at nasm.us
Obtained from: Built from git using configure
Created attachment 411818
--> https://bugzilla.nasm.us/attachment.cgi?id=411818&action=edit
infinite_loop_paste_tokens
In function paste_tokens() in asm/preproc.c, the while loop at line 4977 will result in an infinite loop under certain conditions.
**Version**
NASM version 2.16rc0, commit 39bb9d7
**env**
ubuntu 20.04 x86_64
gcc version 9.3.0
**reproduce**
./bin/nasm -felf64 [poc]
**detail info**
*head
+------------------+          +----------------+
|  0x7ffff461f7c0  |--------->| 0x7ffff461f900 |
+------------------+          +----------------+
next = 0x7ffff461f900,        next = 0x7ffff461f940,
type = TOKEN_ID,              type = TOKEN_PASTE,

loop1
    tok = *head = 0x7ffff461f7c0
    next = tok->next = 0x7ffff461f900
loop2
    tok = 0x7ffff461f900
    next = 0x7ffff461f940
    tok->type = TOKEN_PASTE
    prev_nonspace = 0 at line 4994
    then:
        prev_next = nextp = head; = 0x7fffffffdc40
        t = NULL
        next = *nextp; = 0x7ffff461f7c0 line 5010
    t = NULL at line 5025
    then:
        *prev_next = tok = next; = 0x7ffff461f7c0
        tok = next; = 0x7ffff461f7c0 // loop happened
reporter: chiba of topsec alphalab
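The pointer moves in the trace above, reduced to a small model with a progress guard. This is an added example, not part of the original report and not NASM source: the `walk`, `list_len` and `demo` names, the `TOKEN_OTHER` type, the three-token input and the `rewind_on_paste` switch are constructed for illustration, and `prev_nonspace` is assumed to stay NULL because that is the value the trace records.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model of the traced state; not NASM's paste_tokens(). */
enum tok_type { TOKEN_ID, TOKEN_PASTE, TOKEN_OTHER };
struct token { struct token *next; enum tok_type type; };

static long list_len(const struct token *t)
{
    long n = 0;
    for (; t; t = t->next)
        n++;
    return n;
}

/*
 * Walk the list. A pass that only moves forward needs at most one
 * iteration per token, so exceeding that budget means the cursor was
 * moved backwards. Returns iterations used, or -1 when the guard fires.
 */
static long walk(struct token **head, int rewind_on_paste)
{
    struct token *tok = *head, *next;
    struct token *prev_nonspace = NULL;   /* assumption: 0, as in the trace */
    long budget = list_len(*head), steps = 0;

    while (tok && (next = tok->next)) {
        if (++steps > budget)
            return -1;                    /* no forward progress */
        if (rewind_on_paste && tok->type == TOKEN_PASTE && !prev_nonspace) {
            struct token **nextp = head;  /* "prev_next = nextp = head" */
            next = *nextp;                /* "next = *nextp": first token */
        }
        tok = next;                       /* "tok = next": back at the start */
    }
    return steps;
}

/* Constructed input: ID -> PASTE -> OTHER, as in the diagram plus one tail token. */
static long demo(int rewind_on_paste)
{
    struct token c = { NULL, TOKEN_OTHER };
    struct token b = { &c, TOKEN_PASTE };
    struct token a = { &b, TOKEN_ID };
    struct token *head = &a;
    return walk(&head, rewind_on_paste);
}

int main(void)
{
    printf("forward-only: %ld, rewind: %ld\n", demo(0), demo(1));
    return 0;
}
```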