This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Fix possible array overrun in tc-i386.c


Hi Guys,

  I am applying the patch below to fix a possible array overrun in
  tc-i386.c detected by the Coverty scanner.

Cheers
  Nick

gas/ChangeLog
2017-01-20  Nick Clifton  <nickc@redhat.com>

	* config/tc-i386.c (parse_operands): Check for operand overflow
	before setting the unspecified bit.

diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c
index 80812cf..1fc6bc7 100644
--- a/gas/config/tc-i386.c
+++ b/gas/config/tc-i386.c
@@ -4136,13 +4136,13 @@ parse_operands (char *l, const char *mnemonic)
 	{			/* Yes, we've read in another operand.  */
 	  unsigned int operand_ok;
 	  this_operand = i.operands++;
-	  i.types[this_operand].bitfield.unspecified = 1;
 	  if (i.operands > MAX_OPERANDS)
 	    {
 	      as_bad (_("spurious operands; (%d operands/instruction max)"),
 		      MAX_OPERANDS);
 	      return NULL;
 	    }
+	  i.types[this_operand].bitfield.unspecified = 1;
 	  /* Now parse operand adding info to 'i' as we go along.  */
 	  END_STRING_AND_SAVE (l);
 


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]