[Nasm-bugs] [Bug 3392819] New: SEGV output/outaout.c:566 in aout_add_gotoff_reloc
noreply-nasm at dev.nasm.us
Thu Oct 20 01:33:37 PDT 2022
https://bugzilla.nasm.us/show_bug.cgi?id=3392819
Bug ID: 3392819
Summary: SEGV output/outaout.c:566 in aout_add_gotoff_reloc
Product: NASM
Version: 2.16 (development)
Hardware: All
OS: All
Status: OPEN
Severity: normal
Priority: Medium
Component: Assembler
Assignee: nobody at nasm.us
Reporter: 13579and24680 at gmail.com
CC: chang.seok.bae at intel.com, gorcunov at gmail.com, hpa at zytor.com, nasm-bugs at nasm.us
Obtained from: Built from git using configure
Created attachment 411858
--> https://bugzilla.nasm.us/attachment.cgi?id=411858&action=edit
poc from fuzzer and afl-tmin
Hello, I found a segfault when fuzzing nasm ELF.
------------------------------------------------------------------
normal execute
$ ./nasm -f aoutb poc
poc:3: error: invalid combination of opcode and operands
poc:6: warning: 64-bit unsigned relocation zero-extended from 32 bits [-w+zext-reloc]
poc:6: error: `..gotoff' relocations require a non-global symbol in the section
Segmentation fault
-------------------------------------------------------------------
compile with asan (report)
$ ./nasm -f aoutb poc
poc:3: error: invalid combination of opcode and operands
poc:6: warning: 64-bit unsigned relocation zero-extended from 32 bits [-w+zext-reloc]
poc:6: error: `..gotoff' relocations require a non-global symbol in the section
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3053570==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000030 (pc 0x55a10486efa4 bp 0x7fff95281d40 sp 0x7fff95281d00 T0)
==3053570==The signal is caused by a READ memory access.
==3053570==Hint: address points to the zero page.
#0 0x55a10486efa3 in aout_add_gotoff_reloc output/outaout.c:566
#1 0x55a10486f4b0 in aout_out output/outaout.c:633
#2 0x55a1048bfbaf in nasm_do_legacy_output output/legacy.c:123
#3 0x55a10481a16c in out asm/assemble.c:459
#4 0x55a10481ae43 in out_imm asm/assemble.c:548
#5 0x55a104821fc9 in gencode asm/assemble.c:1955
#6 0x55a10481d147 in assemble asm/assemble.c:908
#7 0x55a104809ae5 in process_insn asm/nasm.c:1613
#8 0x55a10480a33c in assemble_file asm/nasm.c:1737
#9 0x55a10480586d in main asm/nasm.c:717
#10 0x7eff23a1a082 in __libc_start_main ../csu/libc-start.c:308
#11 0x55a104802ccd in _start (/home/a13579/nasm.asan+0x111ccd)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV output/outaout.c:566 in aout_add_gotoff_reloc
==3053570==ABORTING
-------------------------------------------------------------------
git log
$ git log --oneline -1
a8ff6bf7 (HEAD -> master, origin/master, origin/HEAD) Merge pull request #37 from hjl-tools/hjl/dwarf32