This is the mail archive of the
binutils-cvs@sourceware.org
mailing list for the binutils project.
[binutils-gdb] Fix potential array overrun in x86 assembler.
- From: Nick Clifton <nickc at sourceware dot org>
- To: bfd-cvs at sourceware dot org
- Date: 20 Jan 2017 10:32:57 -0000
- Subject: [binutils-gdb] Fix potential array overrun in x86 assembler.
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9d46ce346fe3028d3d57332f286f3895c0724876
commit 9d46ce346fe3028d3d57332f286f3895c0724876
Author: Nick Clifton <nickc@redhat.com>
Date: Fri Jan 20 10:32:25 2017 +0000
Fix potential array overrun in x86 assembler.
* config/tc-i386.c (parse_operands): Check for operand overflow
before setting the unspecified bit.
Diff:
---
gas/ChangeLog | 5 +++++
gas/config/tc-i386.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/gas/ChangeLog b/gas/ChangeLog
index d515f3b..fbadd0b 100644
--- a/gas/ChangeLog
+++ b/gas/ChangeLog
@@ -1,3 +1,8 @@
+2017-01-20 Nick Clifton <nickc@redhat.com>
+
+ * config/tc-i386.c (parse_operands): Check for operand overflow
+ before setting the unspecified bit.
+
2017-01-18 Maciej W. Rozycki <macro@imgtec.com>
PR gas/20649
diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c
index 80812cf..1fc6bc7 100644
--- a/gas/config/tc-i386.c
+++ b/gas/config/tc-i386.c
@@ -4136,13 +4136,13 @@ parse_operands (char *l, const char *mnemonic)
{ /* Yes, we've read in another operand. */
unsigned int operand_ok;
this_operand = i.operands++;
- i.types[this_operand].bitfield.unspecified = 1;
if (i.operands > MAX_OPERANDS)
{
as_bad (_("spurious operands; (%d operands/instruction max)"),
MAX_OPERANDS);
return NULL;
}
+ i.types[this_operand].bitfield.unspecified = 1;
/* Now parse operand adding info to 'i' as we go along. */
END_STRING_AND_SAVE (l);