This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: [PATCH] gas/config: increase array size by one
- From: Alan Modra <amodra at gmail dot com>
- To: Sebastian Andrzej Siewior <sebastian at breakpoint dot cc>
- Cc: binutils at sourceware dot org
- Date: Wed, 25 Aug 2010 21:24:00 +0930
- Subject: Re: [PATCH] gas/config: increase array size by one
- References: <20100812200555.GA7198@Chamillionaire.breakpoint.cc>
On Thu, Aug 12, 2010 at 10:05:55PM +0200, Sebastian Andrzej Siewior wrote:
> 2010-08-12 Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
>
> * config/tc-d10v.c (do_assemble): increase size of name by one.
> * config/tc-m68hc11.c (md_assemble): likewise.
> * config/tc-microblaze.c (md_assemble): likewise.
Thanks for pointing out this problem. Instead of increasing the size
by one, I've fixed the code to correctly use the size of the buffer.
* config/tc-d10v.c (do_assemble): Correctly detect overflow of
"name" buffer.
* config/tc-m68hc11.c (md_assemble): Likewise.
* config/tc-microblaze.c (md_assemble): Likewise. Correct cast
of is_end_of_line index.
Index: gas/config/tc-d10v.c
===================================================================
RCS file: /cvs/src/src/gas/config/tc-d10v.c,v
retrieving revision 1.44
diff -u -p -r1.44 tc-d10v.c
--- gas/config/tc-d10v.c 11 Dec 2009 13:42:10 -0000 1.44
+++ gas/config/tc-d10v.c 25 Aug 2010 09:26:07 -0000
@@ -1420,11 +1420,13 @@ do_assemble (char *str, struct d10v_opco
/* Find the opcode end. */
for (op_start = op_end = (unsigned char *) str;
- *op_end && nlen < 20 && !is_end_of_line[*op_end] && *op_end != ' ';
+ *op_end && !is_end_of_line[*op_end] && *op_end != ' ';
op_end++)
{
name[nlen] = TOLOWER (op_start[nlen]);
nlen++;
+ if (nlen == sizeof (name) - 1)
+ break;
}
name[nlen] = 0;
Index: gas/config/tc-m68hc11.c
===================================================================
RCS file: /cvs/src/src/gas/config/tc-m68hc11.c,v
retrieving revision 1.58
diff -u -p -r1.58 tc-m68hc11.c
--- gas/config/tc-m68hc11.c 28 Jun 2010 14:06:57 -0000 1.58
+++ gas/config/tc-m68hc11.c 25 Aug 2010 09:26:08 -0000
@@ -2403,11 +2403,13 @@ md_assemble (char *str)
/* Find the opcode end and get the opcode in 'name'. The opcode is forced
lower case (the opcode table only has lower case op-codes). */
for (op_start = op_end = (unsigned char *) str;
- *op_end && nlen < 20 && !is_end_of_line[*op_end] && *op_end != ' ';
+ *op_end && !is_end_of_line[*op_end] && *op_end != ' ';
op_end++)
{
name[nlen] = TOLOWER (op_start[nlen]);
nlen++;
+ if (nlen == sizeof (name) - 1)
+ break;
}
name[nlen] = 0;
Index: gas/config/tc-microblaze.c
===================================================================
RCS file: /cvs/src/src/gas/config/tc-microblaze.c,v
retrieving revision 1.5
diff -u -p -r1.5 tc-microblaze.c
--- gas/config/tc-microblaze.c 28 Jun 2010 14:06:57 -0000 1.5
+++ gas/config/tc-microblaze.c 25 Aug 2010 09:26:09 -0000
@@ -807,11 +807,13 @@ md_assemble (char * str)
/* Find the op code end. */
for (op_start = op_end = str;
- * op_end && nlen < 20 && !is_end_of_line [(int)*op_end] && *op_end != ' ';
+ *op_end && !is_end_of_line[(unsigned char) *op_end] && *op_end != ' ';
op_end++)
{
name[nlen] = op_start[nlen];
nlen++;
+ if (nlen == sizeof (name) - 1)
+ break;
}
name [nlen] = 0;
--
Alan Modra
Australia Development Lab, IBM