diff options
| author | Alan Modra <amodra@gmail.com> | 2019-12-10 23:22:10 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2019-12-11 11:38:24 +1030 |
| commit | c202f69e5130fed314afa079ce30abaad4d34991 (patch) | |
| tree | c4e19f714b47d869d10de621416ebd7436d24ba6 /gold | |
| parent | 0ef562a4b5da6bc1f16b2ea801b228acafd033d8 (diff) | |
| download | gdb-c202f69e5130fed314afa079ce30abaad4d34991.zip gdb-c202f69e5130fed314afa079ce30abaad4d34991.tar.gz gdb-c202f69e5130fed314afa079ce30abaad4d34991.tar.bz2 | |
ubsan: cris: signed integer overflow
This was the following in print_with_operands
case 4:
number
= buffer[2] + buffer[3] * 256 + buffer[4] * 65536
+ buffer[5] * 0x1000000;
and buffer[5] * 0x1000000 can indeed overflow. So to fix this we need
to use unsigned arithmetic where overflow semantics are specified.
But number is a long, and the expression is int which will be sign
extended to long. If we make the expression unsigned it will be zero
extended. So make number an int32_t and rearrange a little for some
of the places that need fixing.
* cris-dis.c (print_with_operands): Avoid signed integer
overflow when collecting bytes of a 32-bit integer.
Diffstat (limited to 'gold')
0 files changed, 0 insertions, 0 deletions