espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-10-16 20:32:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

NS32K arg_bufs uninitialised

Browse Source 
git commit d1e304bc27 was aimed at stopping uninitialised memory
access to the index_offset array.  Unfortunately that patch resulted
in a different array being uninitialised for all instructions with
more than two arguments.

	* ns32k-dis.c (print_insn_arg): Update comment.
	(print_insn_ns32k): Reduce size of index_offset array, and
	initialize, passing -1 to print_insn_arg for args that are not
	an index.  Don't exit arg loop early.  Abort on bad arg number.
This commit is contained in:
Alan Modra
2020-03-22 18:15:41 +10:30
parent d1023b5d1e
commit 03704c7704
2 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
opcodes/ChangeLog
View File

@ -1,3 +1,10 @@
2020-03-22 Alan Modra <amodra@gmail.com>
* ns32k-dis.c (print_insn_arg): Update comment.
(print_insn_ns32k): Reduce size of index_offset array, and
initialize, passing -1 to print_insn_arg for args that are not
an index. Don't exit arg loop early. Abort on bad arg number.
2020-03-22 Alan Modra <amodra@gmail.com> 2020-03-22 Alan Modra <amodra@gmail.com>
* s12z-dis.c (abstract_read_memory): Don't print error on EOI. * s12z-dis.c (abstract_read_memory): Don't print error on EOI.

19
opcodes/ns32k-dis.c
View File

@ -446,7 +446,7 @@ invalid_float (float_type_u *p, int len)
bit position of the addressing extension. BUFFER contains the bit position of the addressing extension. BUFFER contains the
instruction. ADDR is where BUFFER was read from. Put the disassembled instruction. ADDR is where BUFFER was read from. Put the disassembled
version of the operand in RESULT. INDEX_OFFSET is the bit position version of the operand in RESULT. INDEX_OFFSET is the bit position
of the index byte (it contains garbage if this operand is not a of the index byte (it contains -1 if this operand is not a
general operand using scaled indexed addressing mode). */ general operand using scaled indexed addressing mode). */
static int static int
@ -790,10 +790,8 @@ print_insn_ns32k (bfd_vma memaddr, disassemble_info *info)
if (*d) if (*d)
{ {
/* Offset in bits of the first thing beyond each index byte. /* Offset in bits of the first thing beyond each index byte.
Element 0 is for operand A and element 1 is for operand B. Element 0 is for operand A and element 1 is for operand B. */
The rest are irrelevant, but we put them here so we don't int index_offset[2];
index outside the array. */
int index_offset[MAX_ARGS];
/* 0 for operand A, 1 for operand B, greater for other args. */ /* 0 for operand A, 1 for operand B, greater for other args. */
int whicharg = 0; int whicharg = 0;
@ -806,6 +804,8 @@ print_insn_ns32k (bfd_vma memaddr, disassemble_info *info)
if we are using scaled indexed addressing mode, since the index if we are using scaled indexed addressing mode, since the index
bytes occur right after the basic instruction, not as part bytes occur right after the basic instruction, not as part
of the addressing extension. */ of the addressing extension. */
index_offset[0] = -1;
index_offset[1] = -1;
if (Is_gen (d[1])) if (Is_gen (d[1]))
{ {
int bitoff = d[1] == 'f' ? 10 : 5; int bitoff = d[1] == 'f' ? 10 : 5;
@ -832,15 +832,16 @@ print_insn_ns32k (bfd_vma memaddr, disassemble_info *info)
while (*d) while (*d)
{ {
argnum = *d - '1'; argnum = *d - '1';
if (argnum >= MAX_ARGS)
abort ();
d++; d++;
if (argnum > maxarg && argnum < MAX_ARGS) if (argnum > maxarg)
maxarg = argnum; maxarg = argnum;
ioffset = print_insn_arg (*d, ioffset, &aoffset, buffer, ioffset = print_insn_arg (*d, ioffset, &aoffset, buffer,
memaddr, arg_bufs[argnum], memaddr, arg_bufs[argnum],
index_offset[whicharg]); whicharg > 1 ? -1 : index_offset[whicharg]);
d++; d++;
if (whicharg++ >= 1) whicharg++;
break;
} }
for (argnum = 0; argnum <= maxarg; argnum++) for (argnum = 0; argnum <= maxarg; argnum++)