author | Cyrill Gorcunov <gorcunov@gmail.com> | 2018-08-15 01:12:19 +0300 |
---|---|---|
committer | Cyrill Gorcunov <gorcunov@gmail.com> | 2018-08-16 01:20:01 +0300 |
commit | 55d09bbf6f7087339277b1e3b17c134b2afb2510 (patch) | |
tree | e5d1ff6088c1724f28c4af318479a9382167b457 /disasm/ndisasm.c | |
parent | b8d153eb4dee2ac22fc09cfba99dbae48c724b88 (diff) | |
disasm: Fix buffer overread in ndisasm
https://nvd.nist.gov/vuln/detail/CVE-2018-10254
https://sourceforge.net/p/nasm/bugs/561/
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Diffstat (limited to 'disasm/ndisasm.c')
-rw-r--r-- | disasm/ndisasm.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/disasm/ndisasm.c b/disasm/ndisasm.c
index a4a217db..2d0cf153 100644
--- a/disasm/ndisasm.c
+++ b/disasm/ndisasm.c
@@ -316,9 +316,8 @@ int main(int argc, char **argv)
 nextsync = next_sync(offset, &synclen);
 }
 while (p > q && (p - q >= INSN_MAX || lenread == 0)) {
- lendis =
- disasm((uint8_t *) q, outbuf, sizeof(outbuf), bits,
- offset, autosync, &prefer);
+ lendis = disasm((uint8_t *)q, INSN_MAX, outbuf, sizeof(outbuf),
+ bits, offset, autosync, &prefer);
 if (!lendis || lendis > (p - q) ||
 ((nextsync || synclen) &&
 (uint32_t)lendis > nextsync - offset)) |
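Review bot: The bound handed to disasm() is the constant `INSN_MAX`, but the enclosing `while` condition also admits `p - q < INSN_MAX` once `lenread == 0`, so on the final partial chunk the stated size can exceed the bytes actually buffered at `q`. The following `lendis > (p - q)` test only rejects the result after those bytes have been decoded, so stale or out-of-range data may still be read for the tail of the input. Passing the real remainder capped at the maximum, `(p - q) < INSN_MAX ? (p - q) : INSN_MAX` (cast to whatever type the new parameter takes), would keep the bound tied to valid data. The buffer declaration, the rest of main() and the disasm() definition are outside this hunk, so whether the buffer is large enough to make the constant safe cannot be confirmed from here; a short comment on the call stating that assumption would help either way.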