[Nasm-bugs] [Bug 3392756] New: Infinite loop in function paste_tokens() in asm/preproc.c

noreply-nasm at dev.nasm.us noreply-nasm at dev.nasm.us
Tue May 11 21:24:57 PDT 2021


            Bug ID: 3392756
           Summary: Infinite loop in function paste_tokens() in
           Product: NASM
           Version: 2.16 (development)
          Hardware: All
                OS: All
            Status: OPEN
          Severity: normal
          Priority: Medium
         Component: Assembler
          Assignee: nobody at nasm.us
          Reporter: polaalemu at gmail.com
                CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
                    hpa at zytor.com, nasm-bugs at nasm.us
     Obtained from: Built from git using configure

Created attachment 411818
  --> https://bugzilla.nasm.us/attachment.cgi?id=411818&action=edit

In function paste_tokens() in asm/preproc.c, the while loop at line 4977 will result in an infinite loop under certain conditions.

NASM version 2.16rc0, commit 39bb9d7

ubuntu 20.04 x86_64 
gcc version 9.3.0


./bin/nasm -felf64  [poc]

**detail info** 

     +------------------+          +----------------+                           
     |   0x7ffff461f7c0 |--------->| 0x7ffff461f900 |                           
     +------------------+          +----------------+                           
       next = 0x7ffff461f900,      next = 0x7ffff461f940,                       
       type = TOKEN_ID,            type = TOKEN_PASTE,                          

             tok = *head       = 0x7ffff461f7c0                                 
             next = tok->next  = 0x7ffff461f900                                 

             tok  = 0x7ffff461f900                                              
             next = 0x7ffff461f940                                              

             tok->type = TOKEN_PASTE     
             prev_nonspace = 0    at line  4994                                 
                 prev_next = nextp = head; = 0x7fffffffdc40          
                 t = NULL                                                  

             next = *nextp; = 0x7ffff461f7c0   line 5010                        

             t = NULL    at line 5025
                 *prev_next = tok = next; = 0x7ffff461f7c0   

             tok = next; = 0x7ffff461f7c0      // loop happened                 

      reporter: chiba of topsec alphalab
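
Added example, not part of the original report and not NASM's code: a simplified C model that replays the pointer updates listed in the trace on a constructed three-token list, with a step budget that reports when the cursor stops advancing. The names `link3`, `walk_with_budget` and `TOKEN_OTHER`, and the assumption that `prev_nonspace` stays NULL throughout, are illustrative.

```c
#include <stddef.h>

/* Simplified model of the trace above; this is not NASM's source code. */
enum tok_type { TOKEN_ID, TOKEN_PASTE, TOKEN_OTHER };

typedef struct Token {
    struct Token *next;
    enum tok_type type;
} Token;

/* Link t[0] -> t[1] -> t[2]; t[1] gets the given type (constructed input). */
void link3(Token t[3], enum tok_type middle)
{
    t[0].next = &t[1]; t[0].type = TOKEN_ID;
    t[1].next = &t[2]; t[1].type = middle;
    t[2].next = NULL;  t[2].type = TOKEN_OTHER;
}

/*
 * Replay the pointer updates listed in the trace. Returns the number of
 * iterations on normal termination, or -1 once the step budget is spent,
 * meaning the cursor has stopped making forward progress.
 */
int walk_with_budget(Token **head, int budget)
{
    Token *tok = *head, *next;
    Token *prev_nonspace = NULL;  /* assumption: stays NULL, as in the trace */
    int steps = 0;

    while (tok && (next = tok->next)) {
        if (++steps > budget)
            return -1;
        if (tok->type == TOKEN_PASTE && !prev_nonspace) {
            Token **prev_next = head;  /* prev_next = nextp = head */
            next = *prev_next;         /* next = *nextp: the first token */
            *prev_next = tok = next;   /* cursor moves back to the list head */
            continue;
        }
        tok = next;                    /* ordinary forward step */
    }
    return steps;
}
```

With a `TOKEN_PASTE` in the middle position the walk never reaches the end of the list and the budget trips; with any other type there it finishes in two iterations.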
