diff options
author | Alan Modra <amodra@gmail.com> | 2020-06-05 16:18:47 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2020-06-05 16:22:46 +0930 |
commit | d3d1cc7b13b4b1f11862d6b58174c81536fb3340 (patch) | |
tree | fb7b535ae50079e5879e4fdd3679a3af3f001a2f | |
parent | 8eca5c7d9f2855a4af7dc3d213abb5760cca31cb (diff) | |
download | gdb-d3d1cc7b13b4b1f11862d6b58174c81536fb3340.zip gdb-d3d1cc7b13b4b1f11862d6b58174c81536fb3340.tar.gz gdb-d3d1cc7b13b4b1f11862d6b58174c81536fb3340.tar.bz2 |
bpf stack smashing detected
* cgen-dis.c (hash_insn_array): Increase size of buf. Assert
size is large enough.
-rw-r--r-- | opcodes/ChangeLog | 5 | ||||
-rw-r--r-- | opcodes/cgen-dis.c | 11 |
2 files changed, 11 insertions, 5 deletions
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog index 63824c8..86e381a 100644 --- a/opcodes/ChangeLog +++ b/opcodes/ChangeLog @@ -1,3 +1,8 @@ +2020-06-05 Alan Modra <amodra@gmail.com> + + * cgen-dis.c (hash_insn_array): Increase size of buf. Assert + size is large enough. + 2020-06-04 Jose E. Marchesi <jose.marchesi@oracle.com> * disassemble.c (disassemble_init_for_target): Set endian_code for diff --git a/opcodes/cgen-dis.c b/opcodes/cgen-dis.c index bcc5b4b..377c93c 100644 --- a/opcodes/cgen-dis.c +++ b/opcodes/cgen-dis.c @@ -24,6 +24,7 @@ #include "bfd.h" #include "symcat.h" #include "opcode/cgen.h" +#include "disassemble.h" static CGEN_INSN_LIST * hash_insn_array (CGEN_CPU_DESC, const CGEN_INSN *, int, int, CGEN_INSN_LIST **, CGEN_INSN_LIST *); static CGEN_INSN_LIST * hash_insn_list (CGEN_CPU_DESC, const CGEN_INSN_LIST *, CGEN_INSN_LIST **, CGEN_INSN_LIST *); @@ -110,9 +111,10 @@ hash_insn_array (CGEN_CPU_DESC cd, for (i = count - 1; i >= 0; --i, ++hentbuf) { unsigned int hash; - char buf [4]; + char buf [8]; unsigned long value; const CGEN_INSN *insn = &insns[i]; + size_t size; if (! (* cd->dis_hash_p) (insn)) continue; @@ -121,10 +123,9 @@ hash_insn_array (CGEN_CPU_DESC cd, to hash on, so set both up. */ value = CGEN_INSN_BASE_VALUE (insn); - bfd_put_bits ((bfd_vma) value, - buf, - CGEN_INSN_MASK_BITSIZE (insn), - big_p); + size = CGEN_INSN_MASK_BITSIZE (insn); + OPCODES_ASSERT (size <= sizeof (buf) * 8); + bfd_put_bits ((bfd_vma) value, buf, size, big_p); hash = (* cd->dis_hash) (buf, value); add_insn_to_hash_chain (hentbuf, insn, htable, hash); } |