From: nasm-bot f. C. G. <gor...@gm...> - 2018-10-13 15:12:13
Commit-ID: a28c40d54602429c2458a95a62b1fab5142ffb9e Gitweb: http://repo.or.cz/w/nasm.git?a=commitdiff;h=a28c40d54602429c2458a95a62b1fab5142ffb9e Author: Cyrill Gorcunov <gor...@gm...> AuthorDate: Sat, 13 Oct 2018 18:10:26 +0300 Committer: Cyrill Gorcunov <gor...@gm...> CommitDate: Sat, 13 Oct 2018 18:10:30 +0300 parser: Fix sigsegv on certain equ instruction parsing We should check for bounds when accessing nasm_reg_flags. Seems this bug was for long time already. https://bugzilla.nasm.us/show_bug.cgi?id=3392516 Reported-by: Jordan Zebor <j....@f5...> Signed-off-by: Cyrill Gorcunov <gor...@gm...> --- asm/parser.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/asm/parser.c b/asm/parser.c index 90e4337..297af26 100644 --- a/asm/parser.c +++ b/asm/parser.c @@ -1124,6 +1124,23 @@ is_expression: rs = 0; } + /* + * Make sure we're not out of nasm_reg_flags, still + * probably this should be fixed when we're defining + * the label. + * + * An easy trigger is + * + * e equ 0x80000000:0 + * pshufw word e-0 + * + */ + if (value->type < EXPR_REG_START || + value->type > EXPR_REG_END) { + nasm_error(ERR_NONFATAL, "invalid operand type"); + goto fail; + } + op->type &= TO; op->type |= REGISTER; op->type |= nasm_reg_flags[value->type]; |
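Review bot: the bounds check added before `op->type |= nasm_reg_flags[value->type];` only guards this one index into `nasm_reg_flags`; as the hunk's own comment concedes ("probably this should be fixed when we're defining the label"), the out-of-range register type originates when the `equ` is defined (`e equ 0x80000000:0`), so validating there as well would stop the bogus expression type from propagating to any other consumer of `value->type`. Consider also a more specific diagnostic than "invalid operand type", for example one that names the operand or the expression type, so the reported case in bug 3392516 is distinguishable from other operand errors.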