关键信息 漏洞类型: Stack underflow 位置: Function at source file 报告时间: 2017-10-18 17:04 PDT by Jun 修复状态: RESOLVED FIXED 严重性: High severe 报告版本: nasm-2.13.02rc2 with address sanitizer on Ubuntu SMP 0 4.4.0-31-generic #50~14.04.1 附件: - - - File to trigger the bug under ASAN 详情 描述: Stack underflow occurs when is accessed with an under-bound index because is larger than 224. 测试命令: 示例: Assembler code reproducing the issue with negative exponent overflow causing buffer under-run. 建议修复: Stop compilation if the entered data is invalid instead of yielding a warning. 讨论 处理建议: Yield an error on trying to compile invalid data instead of stripping the mantissa. 最终决定: Fix will be included in version 2.14rc15.