aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cpu/ChangeLog5
-rw-r--r--cpu/mep.opc14
-rw-r--r--opcodes/ChangeLog5
-rw-r--r--opcodes/mep-dis.c14
4 files changed, 38 insertions, 0 deletions
diff --git a/cpu/ChangeLog b/cpu/ChangeLog
index bcb92e5..23c89c9 100644
--- a/cpu/ChangeLog
+++ b/cpu/ChangeLog
@@ -1,3 +1,8 @@
+2023-03-15 Nick Clifton <nickc@redhat.com>
+
+ PR 30231
+ * mep.opc (mep_print_insn): Check for an out of range index.
+
2022-12-31 Nick Clifton <nickc@redhat.com>
* 2.40 branch created.
diff --git a/cpu/mep.opc b/cpu/mep.opc
index 75ae830..6b264cc 100644
--- a/cpu/mep.opc
+++ b/cpu/mep.opc
@@ -1453,6 +1453,20 @@ mep_print_insn (CGEN_CPU_DESC cd, bfd_vma pc, disassemble_info *info)
mep_config_index = abfd->tdata.elf_obj_data->elf_header->e_flags & EF_MEP_INDEX_MASK;
/* This instantly redefines MEP_CONFIG, MEP_OMASK, .... MEP_VLIW64 */
+ /* mep_config_map is a variable sized array, so we do not know how big it is.
+ The only safe way to check the index therefore is to iterate over the array.
+ We do know that the last entry is all null. */
+ int i;
+ for (i = 0; i <= mep_config_index; i++)
+ if (mep_config_map[i].name == NULL)
+ break;
+
+ if (i < mep_config_index)
+ {
+ opcodes_error_handler (_("illegal MEP INDEX setting '%x' in ELF header e_flags field"), mep_config_index);
+ mep_config_index = 0;
+ }
+
cop_type = abfd->tdata.elf_obj_data->elf_header->e_flags & EF_MEP_COP_MASK;
if (cop_type == EF_MEP_COP_IVC2)
ivc2 = 1;
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog
index fb6612a..e8a224b 100644
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,5 +1,10 @@
2023-03-15 Nick Clifton <nickc@redhat.com>
+ PR 30231
+ * mep-dis.c: Regenerate.
+
+2023-03-15 Nick Clifton <nickc@redhat.com>
+
PR 30230
* arm-dis.c (get_sym_code_type): Check for non-ELF symbols.
diff --git a/opcodes/mep-dis.c b/opcodes/mep-dis.c
index 3fe827e..72c6c10 100644
--- a/opcodes/mep-dis.c
+++ b/opcodes/mep-dis.c
@@ -649,6 +649,20 @@ mep_print_insn (CGEN_CPU_DESC cd, bfd_vma pc, disassemble_info *info)
mep_config_index = abfd->tdata.elf_obj_data->elf_header->e_flags & EF_MEP_INDEX_MASK;
/* This instantly redefines MEP_CONFIG, MEP_OMASK, .... MEP_VLIW64 */
+ /* mep_config_map is a variable sized array, so we do not know how big it is.
+ The only safe way to check the index therefore is to iterate over the array.
+ We do know that the last entry is all null. */
+ int i;
+ for (i = 0; i <= mep_config_index; i++)
+ if (mep_config_map[i].name == NULL)
+ break;
+
+ if (i < mep_config_index)
+ {
+ opcodes_error_handler (_("illegal MEP INDEX setting '%x' in ELF header e_flags field"), mep_config_index);
+ mep_config_index = 0;
+ }
+
cop_type = abfd->tdata.elf_obj_data->elf_header->e_flags & EF_MEP_COP_MASK;
if (cop_type == EF_MEP_COP_IVC2)
ivc2 = 1;