diff options
author | Alan Modra <amodra@gmail.com> | 2020-01-13 14:27:19 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2020-01-13 16:44:27 +1030 |
commit | febda64f152972d8edf0147fb29f89b02f6a4cf9 (patch) | |
tree | 530633bd36c29a3fd0715e8658777f665385aa9a /gas/testsuite | |
parent | df08b5881b4972d78f9a2069955dad5b12bc972e (diff) | |
download | gdb-febda64f152972d8edf0147fb29f89b02f6a4cf9.zip gdb-febda64f152972d8edf0147fb29f89b02f6a4cf9.tar.gz gdb-febda64f152972d8edf0147fb29f89b02f6a4cf9.tar.bz2 |
ubsan: wasm32: signed integer overflow
The signed integer overflow occurred when adding one to target_count
for (i = 0; i < target_count + 1; i++)
but that's the least of the worries here. target_count was long and i
int, leading to the possibility of a loop that never ended.
So to avoid this type of vulnerability, this patch uses what I believe
to be the proper types for arguments of various wasm32 opcodes, rather
than using "long" which may change in size.
gas/
* testsuite/gas/wasm32/allinsn.d: Update expected output.
opcodes/
* wasm32-dis.c (print_insn_wasm32): Localise variables. Store
result of wasm_read_leb128 in a uint64_t and check that bits
are not lost when copying to other locals. Use uint32_t for
most locals. Use PRId64 when printing int64_t.
Diffstat (limited to 'gas/testsuite')
-rw-r--r-- | gas/testsuite/gas/wasm32/allinsn.d | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gas/testsuite/gas/wasm32/allinsn.d b/gas/testsuite/gas/wasm32/allinsn.d index c594c72..4429385 100644 --- a/gas/testsuite/gas/wasm32/allinsn.d +++ b/gas/testsuite/gas/wasm32/allinsn.d @@ -20,7 +20,7 @@ Disassembly of section .text: 12: 8b f32.abs 13: 92 f32.add 14: 8d f32.ceil - 15: 43 d0 0f 49 f32.const 3.141590118408203125 + 15: 43 d0 0f 49 f32.const 3.14159012 19: 40 1a: b2 f32.convert_s/i32 1b: b4 f32.convert_s/i64 @@ -50,7 +50,7 @@ Disassembly of section .text: 37: 99 f64.abs 38: a0 f64.add 39: 9b f64.ceil - 3a: 44 97 5f 4f f64.const 3.14158999999999976088e\+200 + 3a: 44 97 5f 4f f64.const 3.1415899999999998e\+200 3e: fd bc 6a 90 42: 69 43: b7 f64.convert_s/i32 |