[Nasm-bugs] [Bug 3392725] In NASM 2.15.05, there is a heap-buffer-overflow vulnerability in asm/preproc.c, line 6352.
noreply-nasm at dev.nasm.us
Tue Apr 19 16:28:04 PDT 2022
https://bugzilla.nasm.us/show_bug.cgi?id=3392725
Liam Bowen <liambowen at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |liambowen at gmail.com
--- Comment #2 from Liam Bowen <liambowen at gmail.com> ---
This is still present in master as of 3f9fc2a3, although it moved slightly:
==1492501==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000b298 at pc 0x5579ff7deeb8 bp 0x7ffd28702090 sp 0x7ffd28702080
READ of size 4 at 0x60200000b298 thread T0
    #0 0x5579ff7deeb7 in expand_mmacro asm/preproc.c:6633
    #1 0x5579ff7deeb7 in pp_tokline asm/preproc.c:7316
    #2 0x5579ff7deeb7 in pp_getline asm/preproc.c:7328
    #3 0x5579ff75a7bc in assemble_file asm/nasm.c:1722
    #4 0x5579ff750ed7 in main asm/nasm.c:717
    #5 0x7fdfd32860b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x240b2)
    #6 0x5579ff7536fd in _start (/home/liam/nasm/nasm+0x2b46fd)
What fuzzer did you use to generate the PoC?