In Netwide Assembler 2.14rc0, there is an illegal address access in the function find_cc in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.