preproc: Don't access out of bound data on malformed input

There are a number of places still where we test text data which is potentially may be an empty string. This is known to happen on fuzzer input but usually doesn't take place in regular valid programs. Surely we need to revisit preprocessor code for this kind of errors. https://bugzilla.nasm.us/show_bug.cgi?id=3392525 Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
author: Cyrill Gorcunov <gorcunov@gmail.com> 2018-10-29 22:54:08 +0300
committer: Cyrill Gorcunov <gorcunov@gmail.com> 2018-10-29 22:54:34 +0300
commit: 4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f (patch)
tree: 920043d8e0ecabf12ee8b831e709761d110def07
parent: b756372b0668092f1e189ef097889df0f40dee79 (diff)
download: nasm-4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/asm/preproc.c b/asm/preproc.c
index 9034135c..ecf89f1b 100644
--- a/asm/preproc.c
+++ b/asm/preproc.c
@@ -2271,8 +2271,9 @@ static int do_directive(Token *tline, char **output)
 
     skip_white_(tline);
     if (!tline || !tok_type_(tline, TOK_PREPROC_ID) ||
-        (tline->text[1] == '%' || tline->text[1] == '$'
-         || tline->text[1] == '!'))
+        (tline->text[0] && (tline->text[1] == '%' ||
+			    tline->text[1] == '$' ||
+			    tline->text[1] == '!')))
         return NO_DIRECTIVE_FOUND;
 
     i = pp_token_hash(tline->text);
author	Cyrill Gorcunov <gorcunov@gmail.com>	2018-10-29 22:54:08 +0300
committer	Cyrill Gorcunov <gorcunov@gmail.com>	2018-10-29 22:54:34 +0300
commit	4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f (patch)
tree	920043d8e0ecabf12ee8b831e709761d110def07
parent	b756372b0668092f1e189ef097889df0f40dee79 (diff)
download	nasm-4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f.tar.gz