author Peter Maydell <peter.maydell@linaro.org> 2017-03-03 15:50:32 +0000
committer Peter Maydell <peter.maydell@linaro.org> 2017-03-07 14:33:51 +0000
commit 001ebaca7b1120233e04c38f3e3ad3f377137c69
tree cc96ab76674cc17e5139ec3264a3041ab4d37c84
parent 1d153a3388b150b8aeedde32242db86b79c45473
disas/cris: Avoid unintended sign extension

In the cris disassembler we were using 'unsigned long' to calculate addresses which are supposed to be 32 bits. This meant that we might accidentally sign extend or calculate a value that was outside the 32 bit range of the guest CPU. Use 'uint32_t' instead so we give the right answers on 64-bit hosts.

(Spotted by Coverity, CID 1005402, 1005403.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1488556233-31246-6-git-send-email-peter.maydell@linaro.org

-rw-r--r-- disas/cris.c 4
1 files changed, 2 insertions, 2 deletions
diff --git a/disas/cris.c b/disas/cris.c
index 8a1daf9..30217f1 100644
--- a/disas/cris.c
+++ b/disas/cris.c
@@ -2009,7 +2009,7 @@ print_with_operands (const struct cris_opcode *opcodep,
case 'n':
{
/* Like N but pc-relative to the start of the insn. */
- unsigned long number
+ uint32_t number
= (buffer[2] + buffer[3] * 256 + buffer[4] * 65536
+ buffer[5] * 0x1000000 + addr);
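Review bot: in the 'n' case, `buffer[5] * 0x1000000` is still evaluated before the result is narrowed to `uint32_t`. If `buffer` holds `unsigned char` (its declaration is outside this hunk), the operand is promoted to `int`, so a top byte of 0x80 or above overflows signed `int`; the new destination type discards the sign-extended upper bits but the multiplication itself is unchanged. Casting each byte first, for example `(uint32_t)buffer[5] << 24`, would keep the byte assembly in unsigned 32-bit arithmetic, and the sum with `addr` then wraps modulo 2^32 on assignment, which is the 32-bit guest range the commit message asks for.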
@@ -2201,7 +2201,7 @@ print_with_operands (const struct cris_opcode *opcodep,
{
/* It's [pc+]. This cannot possibly be anything
but an address. */
- unsigned long number
+ uint32_t number
= prefix_buffer[2] + prefix_buffer[3] * 256
+ prefix_buffer[4] * 65536
+ prefix_buffer[5] * 0x1000000;
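Review bot: the `[pc+]` case repeats the four-byte little-endian assembly from the 'n' case, here on `prefix_buffer` and without the `addr` term, so the type has to be kept right at two sites. A small helper that takes a byte pointer and returns `uint32_t` would keep both in step and give one place to make the byte arithmetic unsigned; `prefix_buffer[5] * 0x1000000` carries the same int-promotion concern if the element type is `unsigned char`, which this hunk does not show. The code that prints `number` is outside the visible context in both hunks, so please confirm its format specifier matches `uint32_t` rather than `unsigned long`.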