[Nasm-bugs] [Bug 3392809] New: SEGV output/outieee.c:939 in ieee_write_file

noreply-nasm at dev.nasm.us noreply-nasm at dev.nasm.us
Thu Sep 15 03:28:20 PDT 2022

Previous message (by thread): [Nasm-bugs] [Bug 3392808] New: [Support request] absolute with label/dollar sign to change from progbits section to a nobits section
Next message (by thread): [Nasm-bugs] [Bug 3392810] New: Stack-buffer-overflow in disasm on address 0x7ffebdad1a40 at pc 0x00000043e569 bp 0x7ffebdace900 sp 0x7ffebdace8f8
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://bugzilla.nasm.us/show_bug.cgi?id=3392809

            Bug ID: 3392809
           Summary: SEGV output/outieee.c:939 in ieee_write_file
           Product: NASM
           Version: 2.16 (development)
          Hardware: All
                OS: All
            Status: OPEN
          Severity: normal
          Priority: Medium
         Component: Assembler
          Assignee: nobody at nasm.us
          Reporter: 13579and24680 at gmail.com
                CC: chang.seok.bae at intel.com, gorcunov at gmail.com,
                    hpa at zytor.com, nasm-bugs at nasm.us
     Obtained from: Built from git using configure

Created attachment 411849
  --> https://bugzilla.nasm.us/attachment.cgi?id=411849&action=edit
poc

Hello, I found a segfault when fuzz nasm ELF.

------------------------------------------------------------------
normal execute


$ ./nasm -f ieee ./poc
./poc:1: warning: label alone on a line without a colon might be in error
[-w+label-orphan]
Segmentation fault

-------------------------------------------------------------------
compile with asan (report)


$ ./nasm -f ieee ./poc
./poc:1: warning: label alone on a line without a colon might be in error
[-w+label-orphan]
AddressSanitizer:DEADLYSIGNAL
=================================================================
==357954==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc
0x5648fab12d5d bp 0x7ffcd3a2ed50 sp 0x7ffcd3a2e640 T0)
==357954==The signal is caused by a READ memory access.
==357954==Hint: address points to the zero page.
    #0 0x5648fab12d5c in ieee_write_file output/outieee.c:939
    #1 0x5648fab0ebec in ieee_cleanup output/outieee.c:231
    #2 0x5648faa748af in main asm/nasm.c:720
    #3 0x7fe405099082 in __libc_start_main ../csu/libc-start.c:308
    #4 0x5648faa71ccd in _start
(/home/a13579/SQ-Fuzz/mytest13579/nasm_cmplog_parfuzz/fuzz/asan_triage/nasm/nasm+0x111ccd)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV output/outieee.c:939 in ieee_write_file
==357954==ABORTING

-------------------------------------------------------------------
git log


$ git log --oneline -1
a8ff6bf7 (HEAD -> master, origin/master, origin/HEAD) Merge pull request #37
from hjl-tools/hjl/dwarf32

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.

Previous message (by thread): [Nasm-bugs] [Bug 3392808] New: [Support request] absolute with label/dollar sign to change from progbits section to a nobits section
Next message (by thread): [Nasm-bugs] [Bug 3392810] New: Stack-buffer-overflow in disasm on address 0x7ffebdad1a40 at pc 0x00000043e569 bp 0x7ffebdace900 sp 0x7ffebdace8f8
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Nasm-bugs mailing list