[Nasm-bugs] [Bug 3392847] New: Null pointer dereference in nasm (function ieee_write_byte)
noreply-nasm at dev.nasm.us
Thu Mar 16 01:23:29 PDT 2023
https://bugzilla.nasm.us/show_bug.cgi?id=3392847
Bug ID: 3392847
Summary: Null pointer dereference in nasm (function ieee_write_byte)
Product: NASM
Version: 2.17 (development)
Hardware: All
OS: Linux
Status: OPEN
Severity: normal
Priority: Medium
Component: Assembler
Assignee: nobody at nasm.us
Reporter: youngseok.main at gmail.com
CC: chang.seok.bae at intel.com, gorcunov at gmail.com, hpa at zytor.com, nasm-bugs at nasm.us
Obtained from: Built from git using configure
Created attachment 411871
--> https://bugzilla.nasm.us/attachment.cgi?id=411871&action=edit
poc_file
Hello, nasm developers.
Our fuzzer found a null pointer dereference in nasm.
Command Input:
nasm poc_file -f ieee
poc_file is attached.
Output:
poc_file:1: warning: label alone on a line without a colon might be in error [-w+label-orphan]
Sanitizer Dump:
==28546==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5555557229b8 bp 0x7fffffffd8a0 sp 0x7fffffffd880 T0)
==28546==The signal is caused by a READ memory access.
==28546==Hint: address points to the zero page.
#0 0x5555557229b7 in ieee_write_byte output/outieee.c:1132
#1 0x555555722a47 in ieee_write_dword output/outieee.c:1143
#2 0x55555571dbdd in ieee_out output/outieee.c:437
#3 0x55555573c7fb in nasm_do_legacy_output output/legacy.c:121
#4 0x555555695d6a in out asm/assemble.c:457
#5 0x5555556976fa in out_eops asm/assemble.c:670
#6 0x555555697cd5 in assemble asm/assemble.c:724
#7 0x55555568610c in process_insn asm/nasm.c:1610
#8 0x55555568694a in assemble_file asm/nasm.c:1734
#9 0x555555681f50 in main asm/nasm.c:716
#10 0x7ffff6a48c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
#11 0x55555567f699 in _start (/home/youngseok/latest-subjects/nasm/nasm+0x12b699)
Environment:
OS: Ubuntu 18.04
gcc: 7.5.0
nasm: 2.17rc0 (Git master branch, a916e4127b2eaa3bf40bddf3de9b0ceefc0d98a)
Note that we built nasm with sanitizers.
Any comments related to the crash are welcome. Since we are developing a new
fuzzing technique, it would be very helpful for our work.
Thank you.