From 2d120f18ef0f2844b5ae0fcf18d86f7d5647c5ad Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Sun, 24 Dec 2023 14:41:06 +1030
Subject: [PATCH] Re: LoongArch: Add support for <b ".L1"> and <beq, $t0, $t1,
 ".L1">

This fixes the buffer overflow added in commit 22b78fad28, and a few
other problems.

	* loongarch-coder.c (loongarch_split_args_by_comma): Don't
	overflow buffer when args == "".  Don't remove unbalanced
	quotes.  Don't trim last arg if max number of args exceeded.
---
 opcodes/loongarch-coder.c | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/opcodes/loongarch-coder.c b/opcodes/loongarch-coder.c
index 672a468..b683527 100644
--- a/opcodes/loongarch-coder.c
+++ b/opcodes/loongarch-coder.c
@@ -255,22 +255,24 @@ loongarch_split_args_by_comma (char *args, const char *arg_strs[])
   size_t num = 0;
 
   if (*args)
-    arg_strs[num++] = args;
-  for (; *args; args++)
-    if (*args == ',')
-      {
-	if (MAX_ARG_NUM_PLUS_2 - 1 == num)
-	  break;
-	else
-	  *args = '\0', arg_strs[num++] = args + 1;
-      }
-
-  if (*(args-1) == '"')
     {
-      *(args-1) = '\0';
-      arg_strs[num-1] = arg_strs[num-1] + 1;
-    }
+      arg_strs[num++] = args;
+      for (; *args; args++)
+	if (*args == ',')
+	  {
+	    if (MAX_ARG_NUM_PLUS_2 - 1 == num)
+	      goto out;
+	    *args = '\0';
+	    arg_strs[num++] = args + 1;
+	  }
 
+      if (*(args - 1) == '"' && *arg_strs[num - 1] == '"')
+	{
+	  *(args - 1) = '\0';
+	  arg_strs[num - 1] += 1;
+	}
+    }
+ out:
   arg_strs[num] = NULL;
   return num;
 }
-- 
2.7.4