From 80fe1b3ee837f54fc22778f83657c34a86752a59 Mon Sep 17 00:00:00 2001
From: hongjinghao <hongjinghao@huawei.com>
Date: Wed, 23 Aug 2023 11:42:41 +0800
Subject: [PATCH] fix CVE-2020-21528

(cherry picked from commit d70a071ed09279f590967b5267fc121b8f720df5)
---
 CVE-2020-21528.patch | 43 +++++++++++++++++++++++++++++++++++++++++++
 nasm.spec            |  6 +++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-21528.patch

diff --git a/CVE-2020-21528.patch b/CVE-2020-21528.patch
new file mode 100644
index 0000000..358904c
--- /dev/null
+++ b/CVE-2020-21528.patch
@@ -0,0 +1,43 @@
+From 93c774d482694643cafbc82578ac8b729fb5bc8b Mon Sep 17 00:00:00 2001
+From: Cyrill Gorcunov <gorcunov@gmail.com>
+Date: Wed, 4 Nov 2020 13:08:06 +0300
+Subject: [PATCH] BR3392637: output/outieee: Fix nil dereference
+
+The handling been broken in commit 98578071.
+
+Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
+---
+ output/outieee.c | 17 +++++++++++++++++
+ 1 file changed, 17 insertions(+)
+
+diff --git a/output/outieee.c b/output/outieee.c
+index bff2f085..b3ccc5f6 100644
+--- a/output/outieee.c
++++ b/output/outieee.c
+@@ -795,6 +795,23 @@ static int32_t ieee_segment(char *name, int *bits)
+             define_label(name, seg->index + 1, 0L, false);
+         ieee_seg_needs_update = NULL;
+ 
++        /*
++         * In commit 98578071b9d71ecaa2344dd9c185237c1765041e
++         * we reworked labels significantly which in turn lead
++         * to the case where seg->name = NULL here and we get
++         * nil dereference in next segments definitions.
++         *
++         * Lets placate this case with explicit name setting
++         * if labels engine didn't set it yet.
++         *
++         * FIXME: Need to revisit this moment if such fix doesn't
++         * break anything but since IEEE 695 format is veeery
++         * old I don't expect there are many users left. In worst
++         * case this should only lead to a memory leak.
++         */
++        if (!seg->name)
++            seg->name = nasm_strdup(name);
++
+         if (seg->use32)
+             *bits = 32;
+         else
+-- 
+2.27.0
+
diff --git a/nasm.spec b/nasm.spec
index f1236e4..59a0a1a 100644
--- a/nasm.spec
+++ b/nasm.spec
@@ -8,7 +8,7 @@
 
 Name:     nasm
 Version:  2.15.03
-Release:  6
+Release:  7
 Summary:  The Netwide Assembler, a portable x86 assembler with Intel-like syntax
 License:  BSD
 URL:      http://www.nasm.us
@@ -22,6 +22,7 @@ Patch6003: enable-make-check.patch
 Patch6004: fix-help-info-error.patch
 # https://github.com/netwide-assembler/nasm/commit/2d4e6952417ec6f08b6f135d2b5d0e19b7dae30d
 Patch6005: CVE-2022-44370.patch
+Patch6006: CVE-2020-21528.patch
 
 #https://bugzilla.nasm.us/attachment.cgi?id=411648
 BuildRequires: perl(Env) autoconf asciidoc xmlto gcc make git
@@ -95,6 +96,9 @@ make test
 %{_mandir}/man1/ld*
 
 %changelog
+* Wed Aug 23 2023 hongjinghao <hongjinghao@huawei.com> - 2.15.03-7
+- Fix CVE-2020-21528
+
 * Wed Apr 12 2023 yaoxin <yao_xin001@hoperun.com> - 2.15.03-6
 - Fix CVE-2022-44370
 
-- 
Gitee