This is the mail archive of the
binutils-cvs@sourceware.org
mailing list for the binutils project.
[binutils-gdb] Fix buffer underrun bug in the TI C30 disassembler.
- From: Nick Clifton <nickc at sourceware dot org>
- To: bfd-cvs at sourceware dot org
- Date: 3 Sep 2019 14:37:47 -0000
- Subject: [binutils-gdb] Fix buffer underrun bug in the TI C30 disassembler.
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f44b758d3133ef0a7f3131c1e12ed20feb33ee61
commit f44b758d3133ef0a7f3131c1e12ed20feb33ee61
Author: Nick Clifton <nickc@redhat.com>
Date: Tue Sep 3 15:37:12 2019 +0100
Fix buffer underrun bug in the TI C30 disassembler.
PR 24961
* tic30-dis.c (get_indirect_operand): Check for bufcnt being
greater than zero before indexing via (bufcnt -1).
Diff:
---
opcodes/ChangeLog | 6 ++++++
opcodes/tic30-dis.c | 4 +++-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog
index 87e3f74..64b6a07 100644
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,5 +1,11 @@
2019-09-03 Nick Clifton <nickc@redhat.com>
+ PR 24961
+ * tic30-dis.c (get_indirect_operand): Check for bufcnt being
+ greater than zero before indexing via (bufcnt -1).
+
+2019-09-03 Nick Clifton <nickc@redhat.com>
+
PR 24958
* mmix-dis.c (MAX_REG_NAME_LEN): Define.
(MAX_SPEC_REG_NAME_LEN): Define.
diff --git a/opcodes/tic30-dis.c b/opcodes/tic30-dis.c
index c64aceb..668c519 100644
--- a/opcodes/tic30-dis.c
+++ b/opcodes/tic30-dis.c
@@ -253,7 +253,9 @@ get_indirect_operand (unsigned short fragment,
for (i = 0, bufcnt = 0; i < len; i++, bufcnt++)
{
buffer[bufcnt] = current_ind->syntax[i];
- if (buffer[bufcnt - 1] == 'a' && buffer[bufcnt] == 'r')
+ if (bufcnt > 0
+ && buffer[bufcnt - 1] == 'a'
+ && buffer[bufcnt] == 'r')
buffer[++bufcnt] = arnum + '0';
if (buffer[bufcnt] == '('
&& current_ind->displacement == DISP_REQUIRED)