gas/config/tc-i386.c: In the following code fragment of the parse_insn function, the value of mnem_p should be checked before accessing. if (!current_templates) { check_suffix: /* See if we can get a match by trimming off a suffix. */ switch (mnem_p[-1]) // need to check whether the value of mem_p and mnemonic // are equal here is the patch: diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c index d31ee6a..8d4657f --- a/gas/config/tc-i386.c +++ b/gas/config/tc-i386.c @@ -4560,6 +4560,7 @@ parse_insn (char *line, char *mnemonic) if (!current_templates) { + if (mnem_p != mnemonic) check_suffix: /* See if we can get a match by trimming off a suffix. */ switch (mnem_p[-1])
The master branch has been updated by Nick Clifton <nickc@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1c529385d9d7f53efa541d9701ec8c1001581e3e commit 1c529385d9d7f53efa541d9701ec8c1001581e3e Author: Li Hao <li.hao296@zte.com.cn> Date: Fri Mar 15 11:58:05 2019 +0000 Fix a potential illegal memory access whilt parsing an x86 insn. PR 24308 * config/tc-i386.c (parse_insn): Check mnemp before using it to determine if a suffix can be trimmed.
Hi Li Hao, Thank you for reporting this bug. I have checked your patch in, along with an addition to the ChangeLog file describing the fix. Cheers Nick