Bug 3392645 - stack-overflow in scan at stdscan.c:131
Status: CLOSED FIXED
Alias: None
Product: NASM
Classification: Unclassified
Component: Assembler
Version: 2.15.xx
Hardware: PC Linux
Importance: Medium normal
Assignee: nobody
Reported: 2020-01-06 01:28 PST by Suhwan
Modified: 2020-08-19 01:39 PDT

Obtained from: Built from git using configure
Generated by: ---
Bug category:
Breaks existing code: ---


Attachments
poc (38.89 KB, application/octet-stream)
2020-01-06 01:28 PST, Suhwan

Description Suhwan 2020-01-06 01:28:39 PST
Created attachment 411756
poc

Hi,
I found a stack-overflow in scan at stdscan.c:131.
It is triggered in nasm version 2.15.
NASM version 2.15rc0-20191023 compiled on Dec  9 2019

Please run the following command:
$ nasm -o /dev/null -f win64 $PoC

Here's the ASAN log:
==303==ERROR: AddressSanitizer: stack-overflow on address 0x7fffe3d12ed8 (pc 0x0000004d7a4c bp 0x7fffe3d13750 sp 0x7fffe3d12ee0 T0)
    #0 0x4d7a4b in __asan_memset (/mnt/hda2/suhwan/BUG_AFL/ezxml_fuzzing/nasm+0x4d7a4b)
    #1 0x6d7461 in stdscan /home/suhwan/project/program/nasm-2.15rc0-20191023/asm/stdscan.c:131:5
    #2 0x6bd797 in scan /home/suhwan/project/program/nasm-2.15rc0-20191023/asm/eval.c:263:17
    #3 0x6bd797 in expr6 /home/suhwan/project/program/nasm-2.15rc0-20191023/asm/eval.c:838
Comment 1 Cyrill Gorcunov 2020-08-19 01:38:54 PDT
Doesn't trigger in nasm-2.15.xx series.
Comment 2 Cyrill Gorcunov 2020-08-19 01:39:33 PDT
To be precise, in nasm-2.15.04rc5-4-g51e23ac7