author | Alan Modra <amodra@gmail.com> | 2023-09-07 20:08:57 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2023-09-08 07:49:09 +0930 |
commit | dd39dcae8880f0ed298daa1e35d21a84f0a7bdec (patch) | |
tree | 664779e057e88e87962c98dc44be476f0a6903f8 /opcodes/bpf-dis.c | |
parent | d1369de649a9d19abae1012ef805aaa674314c0c (diff) | |
PR30793, kvx_reassemble_bundle index 8 out of bounds

While the patch already committed for pr30793 prevents the asan error,
there is a problem: Now the last element of bundle_words never gets
written. That's very likely wrong, or KVXMAXBUNDLEWORDS is too big.
So this patch rearranges things a little to support writing of all of
bundle_words and does the parallel bit checking only when filling
bundle_words. In the normal case, kvx_reassemble_bundle will see
bundle_words[word_count-1] with the parallel bit clear and all other
words having it set. In the error case where all words in
bundle_words have the parallel bit set, kvx_reassemble_bundle will be
passed a wordcount of KVXMAXBUNDLEWORDS + 1. I've also made
kvx_reassemble_bundle return true for success rather than zero, and
removed the unnecessary check for zero wordcount.

PR 30793
* kvx-dis.c (kvx_reassemble_bundle): Return bool, true on success.
Fail if wordcount is too large. Don't check for wordcount zero.
Don't check kvx_has_parallel_bit.
(print_insn_kvx): Rewrite code reading bundle_words as a for loop.
Don't stop reading at KVXMAXBUNDLEWORDS - 1.
(decode_prologue_epilogue_bundle): Similarly.
Diffstat (limited to 'opcodes/bpf-dis.c')
0 files changed, 0 insertions, 0 deletions
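
The reading loop described in the commit message above, as an added C sketch; it is not the binutils code. `MAX_BUNDLE_WORDS` (set to 8 here), `PARALLEL_BIT` (taken to be the top bit), the function names and the sample words are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_BUNDLE_WORDS 8        /* assumed; stands in for KVXMAXBUNDLEWORDS */
#define PARALLEL_BIT 0x80000000u  /* assumed bit position for this sketch */

/* Fill bundle[] until a word has the parallel bit clear.  Every slot,
   including the last, can be written.  Returns the word count, or
   MAX_BUNDLE_WORDS + 1 if all words had the bit set, or -1 on short input.  */
static int read_bundle (const uint32_t *src, size_t avail, uint32_t *bundle)
{
  int count;
  for (count = 0; count < MAX_BUNDLE_WORDS; count++)
    {
      if ((size_t) count >= avail)
        return -1;
      bundle[count] = src[count];
      if ((bundle[count] & PARALLEL_BIT) == 0)
        break;
    }
  return count + 1;  /* break at index i gives i + 1; no break gives MAX + 1 */
}

/* Consumer: the parallel bit was checked while filling, so only the upper
   bound on the count is tested here.  Returns true on success.  */
static bool reassemble_bundle (const uint32_t *bundle, int count, uint32_t *last)
{
  if (count > MAX_BUNDLE_WORDS)
    return false;
  *last = bundle[count - 1];
  return true;
}

/* Read one bundle from src and hand it to the consumer.  */
static bool decode (const uint32_t *src, size_t avail, uint32_t *last)
{
  uint32_t bundle[MAX_BUNDLE_WORDS];
  int count = read_bundle (src, avail, bundle);
  return count > 0 && reassemble_bundle (bundle, count, last);
}

int main (void)
{
  const uint32_t sample[] = { 0x80000001u, 0x80000002u, 0x00000003u }; /* constructed */
  uint32_t last = 0;
  printf ("ok=%d last=%u\n", decode (sample, 3, &last), (unsigned) last);
  return 0;
}
```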