Prevent address violation problem when disassembling corrupt aarch64 binary.

author Nick Clifton <nickc@redhat.com>

Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)

committer Nick Clifton <nickc@redhat.com>

Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)
author Nick Clifton <nickc@redhat.com>
Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)
committer Nick Clifton <nickc@redhat.com>
Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)
diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog

index c77f00a..e489d43 100644 (file)
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,5 +1,11 @@
  2017-06-15  Nick Clifton  <nickc@redhat.com>
  
+       PR binutils/21595
+       * aarch64-dis.c (aarch64_ext_ldst_reglist): Check for an out of
+       range value.
+
+2017-06-15  Nick Clifton  <nickc@redhat.com>
+
         PR binutils/21588
         * rl78-decode.opc (OP_BUF_LEN): Define.
         (GETBYTE): Check for the index exceeding OP_BUF_LEN.
diff --git a/opcodes/aarch64-dis.c b/opcodes/aarch64-dis.c

index 27ef22b..a860dbc 100644 (file)
--- a/opcodes/aarch64-dis.c
+++ b/opcodes/aarch64-dis.c
@@ -409,6 +409,9 @@ aarch64_ext_ldst_reglist (const aarch64_operand *self ATTRIBUTE_UNUSED,
    info->reglist.first_regno = extract_field (FLD_Rt, code, 0);
    /* opcode */
    value = extract_field (FLD_opcode, code, 0);
+  /* PR 21595: Check for a bogus value.  */
+  if (value >= ARRAY_SIZE (data))
+    return 0;
    if (expected_num != data[value].num_elements || data[value].is_reserved)
      return 0;
    info->reglist.num_regs = data[value].num_regs;
author	Nick Clifton <nickc@redhat.com>
	Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)
committer	Nick Clifton <nickc@redhat.com>
	Thu, 15 Jun 2017 12:26:54 +0000 (13:26 +0100)
opcodes/ChangeLog		patch \| blob \| history
opcodes/aarch64-dis.c		patch \| blob \| history