[Nasm-devel] [PATCH v2] preproc: prohibit unmacro while macro expansion

hpa at zytor.com hpa at zytor.com
Thu Dec 31 03:54:24 PST 2020


On December 31, 2020 3:44:17 AM PST, Igor Munkin <imun at cpan.org> wrote:
>If macro is undefined while it's being expanded, use after free occurs,
>since the MMacro instance is released, but it is still used to proceed
>the expansion.
>
>This change forbids macro undefinition: non-fatal error is raised and
>the MMacro instance is not released if it is being processed by NASM
>preprocessor.
>
>Consider the following example:
>| $ cat test.asm
>| %macro m 0
>| %unmacro m 0
>| %endmacro
>| m
>| $ ./nasm test.asm
>| test.asm:4: error: `%unmacro' can't undefine the macro being expanded
>| test.asm:2: ... from macro `m' defined here
>
>Fixes BR3392531 and BR3392716.
>
>Signed-off-by: Igor Munkin <imun at cpan.org>
>---
> asm/preproc.c                |  13 ++++++++++++
> travis/test/br3392531.asm    | Bin 0 -> 366 bytes
> travis/test/br3392531.json   |  12 ++++++++++++
> travis/test/br3392531.stderr |  29 +++++++++++++++++++++++++++
> travis/test/br3392716.asm    | Bin 0 -> 237 bytes
> travis/test/br3392716.json   |  13 ++++++++++++
> travis/test/br3392716.stderr |  37 +++++++++++++++++++++++++++++++++++
> 7 files changed, 104 insertions(+)
> create mode 100644 travis/test/br3392531.asm
> create mode 100644 travis/test/br3392531.json
> create mode 100644 travis/test/br3392531.stderr
> create mode 100644 travis/test/br3392716.asm
> create mode 100644 travis/test/br3392716.json
> create mode 100644 travis/test/br3392716.stderr
>
>diff --git a/asm/preproc.c b/asm/preproc.c
>index 69543174..ab229c9c 100644
>--- a/asm/preproc.c
>+++ b/asm/preproc.c
>@@ -4330,6 +4330,19 @@ issue_error:
>             goto done;
>         }
>         mmac_p = (MMacro **) hash_findi(&mmacros, spec.name, NULL);
>+
>+        /* Check the macro to be undefined is not being expanded */
>+        list_for_each(l, istk->expansion) {
>+            if (l->finishes == *mmac_p) {
>+                nasm_nonfatal("`%%unmacro' can't undefine the macro
>being expanded");
>+                /*
>+                 * Do not release the macro instance to avoid using
>the freed
>+                 * memory while proceeding the expansion.
>+                 */
>+                goto done;
>+            }
>+        }
>+
>         while (mmac_p && *mmac_p) {
>             mmac = *mmac_p;
>             if (mmac->casesense == spec.casesense &&
>diff --git a/travis/test/br3392531.asm b/travis/test/br3392531.asm
>new file mode 100644
>index
>0000000000000000000000000000000000000000..6ef2c6894fcac1bf1a384eb7e24fb513cd7f04df
>GIT binary patch
>literal 366
>zcmZ9Iu}%U(6h$}M4V^88FL56+Ah;ufM1mL^jhdJcEft5|f!$(fHZyM<iJ`IDPq4D_
>zWBdyff56UCXR%T1d(X|u9b8G96IhC*F)%glpxbTt+O27#80)h|hw}qA+=_{^!<wKZ
>z!a>m83wkcYRD?!@l_4csd3+}X-mJ4TfL+XT8~f|Q&C at dg;Jut-qjFm31!5k>6X9Dj
>z`ML6j0M~$Tnr`V4Hks?fT-s?37yD)7Sc!D>(Bbvw-L~Iq0wU>;2{v3t?`obdtHldH
>zT45!Mx%#67Ak3VhR8h(bOnx${vQLy>Q7T at IW-Jpr1or{0R?xo~pEyddIVdwa++fQ}
>mA1F?&msk)$t_d at 3{L#34s+5pbhQB1_KMBu?$?^`!F7-EpDR0F9
>
>literal 0
>HcmV?d00001
>
>diff --git a/travis/test/br3392531.json b/travis/test/br3392531.json
>new file mode 100644
>index 00000000..1a4c7bf6
>--- /dev/null
>+++ b/travis/test/br3392531.json
>@@ -0,0 +1,12 @@
>+[
>+	{
>+		"description": "%unmacro is forbidden for macro being expanded",
>+		"id": "br3392531",
>+		"format": "bin",
>+		"source": "br3392531.asm",
>+		"error": "expected",
>+		"target": [
>+			{ "stderr": "br3392531.stderr" }
>+		]
>+	}
>+]
>diff --git a/travis/test/br3392531.stderr
>b/travis/test/br3392531.stderr
>new file mode 100644
>index 00000000..84810b64
>--- /dev/null
>+++ b/travis/test/br3392531.stderr
>@@ -0,0 +1,29 @@
>+./travis/test/br3392531.asm:1: error: label or instruction expected at
>start of line
>+./travis/test/br3392531.asm:4: error: invalid decorator token inside
>braces
>+./travis/test/br3392531.asm:4: error: label or instruction expected at
>start of line
>+./travis/test/br3392531.asm:5: error: parser: instruction expected
>+./travis/test/br3392531.asm:7: error: `%macro' expects a parameter
>count
>+./travis/test/br3392531.asm:11: warning: unterminated string
>[-w+other]
>+./travis/test/br3392531.asm:14: error: parser: instruction expected
>+./travis/test/br3392531.asm:17: error: `%$LRG': context stack is empty
>+./travis/test/br3392531.asm:17: error: `%$LRG': context stack is empty
>+./travis/test/br3392531.asm:17: error: label or instruction expected
>at start of line
>+./travis/test/br3392531.asm:18: error: label or instruction expected
>at start of line
>+./travis/test/br3392531.asm:19: error: parser: instruction expected
>+./travis/test/br3392531.asm:20: error: `%1': not in a macro call
>+./travis/test/br3392531.asm:20: error: label or instruction expected
>at start of line
>+./travis/test/br3392531.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392531.asm:8: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: parser: instruction expected
>+./travis/test/br3392531.asm:9: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392531.asm:10: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: invalid macro parameter:
>`%4stru at namB'
>+./travis/test/br3392531.asm:11: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: parser: instruction expected
>+./travis/test/br3392531.asm:11: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: `%unmacro' expects a parameter
>count
>+./travis/test/br3392531.asm:12: ... from macro `section' defined here
>+./travis/test/br3392531.asm:21: error: `%unmacro' can't undefine the
>macro being expanded
>+./travis/test/br3392531.asm:12: ... from macro `section' defined here
>+./travis/test/br3392531.asm:22: error: parser: instruction expected
>diff --git a/travis/test/br3392716.asm b/travis/test/br3392716.asm
>new file mode 100644
>index
>0000000000000000000000000000000000000000..ac480f3038e3437b598179532ee1655a8daef70c
>GIT binary patch
>literal 237
>zcmb2neaEF*nwOiHT$Hbnh+roq=47Tfb15h&sDkA{^5|j;3dO}GT&hKK$p)%?1-dE@
>z$uf}v$??g$1_sG&@7}$8`w3w*L}_YXO0^x(BrdLE6wL-CYA!BOP&Y(4PC<d8n3+oz
>SXnHQxbc6!c<dA%*UG4xY`b-!A
>
>literal 0
>HcmV?d00001
>
>diff --git a/travis/test/br3392716.json b/travis/test/br3392716.json
>new file mode 100644
>index 00000000..b3d4e0b1
>--- /dev/null
>+++ b/travis/test/br3392716.json
>@@ -0,0 +1,13 @@
>+[
>+	{
>+		"description": "%unmacro is forbidden for macro being expanded",
>+		"id": "br3392716",
>+		"format": "macho64",
>+		"source": "br3392716.asm",
>+		"option": "-g",
>+		"error": "expected",
>+		"target": [
>+			{ "stderr": "br3392716.stderr" }
>+		]
>+	}
>+]
>diff --git a/travis/test/br3392716.stderr
>b/travis/test/br3392716.stderr
>new file mode 100644
>index 00000000..049bcb94
>--- /dev/null
>+++ b/travis/test/br3392716.stderr
>@@ -0,0 +1,37 @@
>+./travis/test/br3392716.asm:1: error: label or instruction expected at
>start of line
>+./travis/test/br3392716.asm:2: error: `%unmacro' expects a parameter
>count
>+./travis/test/br3392716.asm:3: warning: unterminated string [-w+other]
>+./travis/test/br3392716.asm:3: error: `%unmacro' expects a macro name
>+./travis/test/br3392716.asm:4: warning: unterminated string [-w+other]
>+./travis/test/br3392716.asm:4: error: label or instruction expected at
>start of line
>+./travis/test/br3392716.asm:5: error: `%macro' expects a parameter
>count
>+./travis/test/br3392716.asm:15: warning: unterminated string
>[-w+other]
>+./travis/test/br3392716.asm:20: warning: unterminated string
>[-w+other]
>+./travis/test/br3392716.asm:20: warning: multi-line macro `sst'
>exists, but not taking 1 parameter [-w+macro-params-multi]
>+./travis/test/br3392716.asm:20: error: parser: instruction expected
>+./travis/test/br3392716.asm:21: error: `%%cTo': not in a macro call
>+./travis/test/br3392716.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392716.asm:6: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: `%unmacro' expects a parameter
>count
>+./travis/test/br3392716.asm:7: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: `%unmacro' can't undefine the
>macro being expanded
>+./travis/test/br3392716.asm:7: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392716.asm:8: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: parser: instruction expected
>+./travis/test/br3392716.asm:10: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392716.asm:11: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: `%unmacro' expects a parameter
>count
>+./travis/test/br3392716.asm:12: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: `%unmacro' can't undefine the
>macro being expanded
>+./travis/test/br3392716.asm:12: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: label or instruction expected
>at start of line
>+./travis/test/br3392716.asm:13: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: parser: instruction expected
>+./travis/test/br3392716.asm:15: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: `%macro' expects a macro name
>+./travis/test/br3392716.asm:16: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:21: error: parser: instruction expected
>+./travis/test/br3392716.asm:17: ... from macro `sst' defined here
>+./travis/test/br3392716.asm:22: error: label or instruction expected
>at start of line

Looks great.
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.



More information about the Nasm-devel mailing list