[PATCH][binutils][Arm] Fix range check for SMC immediate operand.

Barnaby Wilks Barnaby.Wilks@arm.com
Wed Jun 26 15:11:00 GMT 2019


Hello,

This patch fixes a bug where an immediate operand larger than 4 bits (0xF) could be passed
to the SMC (Secure Monitor Call) instruction.

For example, this code is invalid:
smc #0x6951

The code would previously check for and encode up to 16-bit immediate values; however,
this immediate should instead be only a 4-bit value
(as documented here: https://static.docs.arm.com/ddi0406/c/DDI0406C_C_arm_architecture_reference_manual.pdf ).

Fixed this by adding range checks in the relevant areas and also removing code that would
encode more than the first 4 bits of the immediate (code that is now redundant, as any immediate operand
larger than 0xF would error now anyway).

Added testcases to check that the error is thrown for invalid instructions (for arm and thumb),
as well as positive tests checking that any immediate operands less than 0xF are accepted.

Cross compiled and regtested on arm-none-eabi and arm-none-linux-gnueabihf.

I don't have write access, so if it's OK then could someone commit on my behalf?

Thanks,
Barney

gas/ChangeLog:

2019-06-26  Barnaby Wilks  <barnaby.wilks@arm.com>

	* config/tc-arm.c (do_smc): Add range check for immediate operand.
	(do_t_smc): Add range check for immediate operand. Remove
	obsolete immediate encoding.
	(md_apply_fix): Fix range check. Remove obsolete immediate encoding.
	* testsuite/gas/arm/arch6zk.d: Fix test.
	* testsuite/gas/arm/arch6zk.s: Fix test.
	* testsuite/gas/arm/smc-bad.d: New test.
	* testsuite/gas/arm/smc-bad.l: New test.
	* testsuite/gas/arm/smc-bad.s: New test.
	* testsuite/gas/arm/thumb32.d: Fix test.
	* testsuite/gas/arm/thumb32.s: Fix test.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: rb11374.txt
URL: <https://sourceware.org/pipermail/binutils/attachments/20190626/9d2d6041/attachment.txt>

