[PATCH v5] x86: Disallow GOT memory access beyond its GOT slot
Jan Beulich
jbeulich@suse.com
Wed Feb 12 10:57:01 GMT 2025
On 11.02.2025 22:47, H.J. Lu wrote:
> --- a/gas/config/tc-i386.c
> +++ b/gas/config/tc-i386.c
> @@ -453,6 +453,9 @@ struct _i386_insn
> /* Compressed disp8*N attribute. */
> unsigned int memshift;
>
> + /* Memory size for instructions with compressed disp8. */
> + unsigned int memsize;
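Review bot: The comment on the new `memsize` field does not say what unit the value is in or what the field holds for instructions that do not use compressed disp8. Since it sits directly under `memshift`, the comment should state the relationship between the two (the later hunks set it to `1 << i.memshift`) and say whether a value of zero means "not set", so readers of the struct do not have to find the assignments to learn that.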
What an effort to implement something people won't be able to rely on,
in both the positive and negative directions. You now even need a new
state field.
> @@ -8811,9 +8814,17 @@ check_VecOperands (const insn_template *t)
> && pp.disp_encoding <= disp_encoding_8bit)
> {
> if (i.broadcast.type || i.broadcast.bytes)
> - i.memshift = t->opcode_modifier.broadcast - 1;
> + {
> + i.memshift = t->opcode_modifier.broadcast - 1;
> + /* Remember memory size. */
> + i.memsize = 1 << i.memshift;
> + }
> else if (t->opcode_modifier.disp8memshift != DISP8_SHIFT_VL)
> - i.memshift = t->opcode_modifier.disp8memshift;
> + {
> + i.memshift = t->opcode_modifier.disp8memshift;
> + /* Remember memory size. */
> + i.memsize = 1 << i.memshift;
> + }
> else
> {
> const i386_operand_type *type = NULL, *fallback = NULL;
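Review bot: The same pair of lines, the "Remember memory size" comment and `i.memsize = 1 << i.memshift;`, is added to both the broadcast branch and the `disp8memshift != DISP8_SHIFT_VL` branch, which also forces braces around what were single statements. If `memsize` is always derived from the final `memshift`, consider one assignment at a point all branches reach, before `memshift` is changed again, rather than a copy per branch. Also, `memshift` is `unsigned int` while the shifted constant is a signed `1`; `1u << i.memshift` would keep the expression unsigned throughout.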
> @@ -8856,6 +8867,9 @@ check_VecOperands (const insn_template *t)
> i.memshift = 4;
> }
>
> + /* Remember memory size. */
> + i.memsize = 1 << i.memshift;
> +
> /* For the check in fits_in_disp8(). */
> if (i.memshift == 0)
> i.memshift = -1;
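Review bot: The added `i.memsize = 1 << i.memshift;` is only correct because it sits before the `if (i.memshift == 0) i.memshift = -1;` adjustment made for fits_in_disp8(); after that adjustment the shift count would no longer be a valid one. The comment "Remember memory size" does not mention this ordering requirement. Please say in the comment that the size has to be captured before `memshift` is adjusted, so a later reordering does not silently break it.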
Note how in particular in process_suffix() we save/restore i.memshift,
to cover for check_VecOperands() possibly updating the field. I expect
i.memsize would now also need saving/restoring (at least) there.
Jan