From 7c88289e222dc5ef9f53f9e86ecaab1924744b88 Mon Sep 17 00:00:00 2001
From: Cyrill Gorcunov
Date: Tue, 18 Aug 2020 11:25:14 +0300
Subject: [PATCH] BR3392711: preproc: fix memory corruption in expand_one_smacro
https://github.com/netwide-assembler/nasm/commit/7c88289e222dc5ef9f53f9e86ecaab1924744b88
The mempcpy helper returns *last* byte pointer thus when we call set_text_free we have to pass a pointer to the start of the string.
Signed-off-by: Cyrill Gorcunov
---
 asm/preproc.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/asm/preproc.c b/asm/preproc.c
index fec9520..1368cee 100644
--- a/asm/preproc.c
+++ b/asm/preproc.c
@@ -5531,7 +5531,7 @@ static SMacro *expand_one_smacro(Token ***tpp)
 {
 size_t mlen = strlen(m->name);
 size_t len;
- char *p;
+ char *p, *from;
 t->type = mstart->type;
 if (t->type == TOK_LOCAL_MACRO) {
@@ -5544,15 +5544,15 @@ static SMacro *expand_one_smacro(Token ***tpp)
 plen = pep - psp;
 len = mlen + plen;
- p = nasm_malloc(len + 1);
+ from = p = nasm_malloc(len + 1);
 p = mempcpy(p, psp, plen);
 } else {
 len = mlen;
- p = nasm_malloc(len + 1);
+ from = p = nasm_malloc(len + 1);
 }
 p = mempcpy(p, m->name, mlen);
 *p = '\0';
- set_text_free(t, p, len);
+ set_text_free(t, from, len);
 t->next = tline;
 break;
--
2.23.0
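Review bot: Nothing at the declaration `char *p, *from;` says which pointer is the allocation base and which is the write cursor, and in the second hunk that distinction is the whole fix: `p` is advanced by each `mempcpy` and ends on the terminator, while `from` is what `set_text_free` must receive. I would add a comment at the declaration, `/* from: start of the allocation, handed to set_text_free(); p: write cursor, ends at the NUL */`, so a later edit does not pass the cursor again. A cheap invariant just before `*p = '\0';`, `nasm_assert(p == from + len);`, would also catch a length/cursor mismatch where it occurs rather than at a later free (assuming `set_text_free` takes ownership of the buffer, as its name suggests). The enclosing block of `expand_one_smacro` starts and ends outside both hunks.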