From 73e30e726cd778d055a81c1f4c2ccff1c1acdaa9 Mon Sep 17 00:00:00 2001 From: Tsukasa OI Date: Tue, 4 Oct 2022 08:35:30 +0000 Subject: RISC-V: Fix buffer overflow on print_insn_riscv Because riscv_insn_length started to support instructions up to 176-bit, we need to increase packet buffer size to 176-bit in size. include/ChangeLog: * opcode/riscv.h (RISCV_MAX_INSN_LEN): Max instruction length for use in buffer size. opcodes/ChangeLog: * riscv-dis.c (print_insn_riscv): Increase buffer size for max 176-bit length instructions. --- include/opcode/riscv.h | 2 ++ opcodes/riscv-dis.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/opcode/riscv.h b/include/opcode/riscv.h index 9cc0016..f173a2e 100644 --- a/include/opcode/riscv.h +++ b/include/opcode/riscv.h @@ -40,6 +40,8 @@ static inline unsigned int riscv_insn_length (insn_t insn) /* 80- ... 176-bit instructions. */ if ((insn & 0x7f) == 0x7f && (insn & 0x7000) != 0x7000) return 10 + ((insn >> 11) & 0xe); + /* Maximum value returned by this function. */ +#define RISCV_MAX_INSN_LEN 22 /* Longer instructions not supported at the moment. */ return 2; } diff --git a/opcodes/riscv-dis.c b/opcodes/riscv-dis.c index 031c193..2c0aed1 100644 --- a/opcodes/riscv-dis.c +++ b/opcodes/riscv-dis.c @@ -1000,7 +1000,7 @@ riscv_disassemble_data (bfd_vma memaddr ATTRIBUTE_UNUSED, int print_insn_riscv (bfd_vma memaddr, struct disassemble_info *info) { - bfd_byte packet[8]; + bfd_byte packet[RISCV_MAX_INSN_LEN]; insn_t insn = 0; bfd_vma dump_size; int status; -- cgit v1.1