Bug#1016353: yasm: CVE-2021-33464

Petter Reinholdtsen Tue, 29 Apr 2025 23:00:15 -0700

Control: tags -1 + patch pending

I believe the following patch, also passed upstream, will solve the
issue:


Description: Handle file descriptors with nonexisting env names better.
 Avoid writing past allocated memory.
 This fixes CVE-2021-33464.
Author: Petter Reinholdtsen <p...@debian.org>
Bug: https://github.com/yasm/yasm/issues/164
Bug-Debian: https://bugs.debian.org/1016353
Forwarded: https://github.com/yasm/yasm/issues/164
Last-Update: 2025-04-30
---
--- yasm-1.3.0.orig/modules/preprocs/nasm/nasm-pp.c
+++ yasm-1.3.0/modules/preprocs/nasm/nasm-pp.c
@@ -1815,7 +1815,7 @@ inc_fopen(char *file, char **newname)
             error(ERR_WARNING, "environment variable `%s' does not exist",
                   p1+1);
             *p2 = '%';
-            p1 = p2+1;
+            pb = p1 = p2+1;
             continue;
         }
         /* need to expand */

-- 
Happy hacking
Petter Reinholdtsen

Bug#1016353: yasm: CVE-2021-33464

Reply via email to