[nasm:nasm-2.14.xx] preproc: Fix out of range access in expand mmacro

[nasm-bot f. C. G. <gor...@gm...>]

Commit-ID:  67f2ca2b3fb4e009ef3f7885e848b99e6a81ab29
Gitweb:     http://repo.or.cz/w/nasm.git?a=commitdiff;h=67f2ca2b3fb4e009ef3f7885e848b99e6a81ab29
Author:     Cyrill Gorcunov <gor...@gm...>
AuthorDate: Sat, 13 Oct 2018 19:41:01 +0300
Committer:  Cyrill Gorcunov <gor...@gm...>
CommitDate: Sat, 13 Oct 2018 19:41:01 +0300

preproc: Fix out of range access in expand mmacro

On specially crafetd malformed input file the params
might be zapped (say due to invalid syntax) so we might
access out of bound having nil dereference in best case.

Note the later code in this helper uses tok_isnt_ helper
which already has similar check.

https://bugzilla.nasm.us/show_bug.cgi?id=3392518

Reported-by: Jordan Zebor <j....@f5...>
Signed-off-by: Cyrill Gorcunov <gor...@gm...>


---
 asm/preproc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/asm/preproc.c b/asm/preproc.c
index b6bed9d..0ceb243 100644
--- a/asm/preproc.c
+++ b/asm/preproc.c
@@ -3947,6 +3947,8 @@ static Token *expand_mmac_params_range(MMacro *mac, Token *tline, Token ***last)
      * only first token will be passed.
      */
     tm = mac->params[(fst + mac->rotate) % mac->nparam];
+    if (!tm)
+        goto err;
     head = new_Token(NULL, tm->type, tm->text, 0);
     tt = &head->next, tm = tm->next;
     while (tok_isnt_(tm, ",")) {