ubsan: z8k: index 10 out of bounds for type 'unsigned int const[10]'

The fix is the additional ARRAY_SIZE test, the rest just tidies
variable types rather than adding a cast to avoid warnings.

opcodes/
	* z8k-dis.c: Include libiberty.h
	(instr_data_s): Make max_fetched unsigned.
	(z8k_lookup_instr): Make nibl_index and tabl_index unsigned.
	Don't exceed byte_info bounds.
	(output_instr): Make num_bytes unsigned.
	(unpack_instr): Likewise for nibl_count and loop.
	* z8kgen.c (gas <opcode_entry_type>): Make noperands, length and
	idx unsigned.
	* z8k-opc.h: Regenerate.
gas/
	* config/tc-z8k.c (md_begin): Make idx unsigned.
	(get_specific): Likewise for this_index.

diff --git a/gas/ChangeLog b/gas/ChangeLog
index 1c61732fab3b7e693b2bf737dd4195b5c1548d41..46ce02ee6509892a5d201194241dc5318f74d525 100644 (file)
--- a/gas/ChangeLog
+++ b/gas/ChangeLog
@@ -1,3 +1,8 @@
+2020-01-08  Alan Modra  <amodra@gmail.com>
+
+       * config/tc-z8k.c (md_begin): Make idx unsigned.
+       (get_specific): Likewise for this_index.
+
 2020-01-07  Claudiu Zissulescu  <claziss@synopsys.com>
 
        * onfig/tc-arc.c (parse_reloc_symbol): New function.

diff --git a/gas/config/tc-z8k.c b/gas/config/tc-z8k.c
index d61a51f4546a1d48da5138b8c648b7e134322689..ea4ee3a6b1f3be1d4944621b67eaa74008434199 100644 (file)
--- a/gas/config/tc-z8k.c
+++ b/gas/config/tc-z8k.c
@@ -143,7 +143,7 @@ void
 md_begin (void)
 {
   const opcode_entry_type *opcode;
-  int idx = -1;
+  unsigned int idx = -1u;
 
   opcode_hash_control = hash_new ();
 
@@ -861,7 +861,7 @@ get_specific (opcode_entry_type *opcode, op_type *operands)
   int found = 0;
   unsigned int noperands = opcode->noperands;
 
-  int this_index = opcode->idx;
+  unsigned int this_index = opcode->idx;
 
   while (this_index == opcode->idx && !found)
     {

diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog
index 220b9f4c5f98423b7bbe4b808e91036634d4a33b..011943d55a8ded64d63094e1836b3f79bd062168 100644 (file)
--- a/opcodes/ChangeLog
+++ b/opcodes/ChangeLog
@@ -1,3 +1,15 @@
+2020-01-08  Alan Modra  <amodra@gmail.com>
+
+       * z8k-dis.c: Include libiberty.h
+       (instr_data_s): Make max_fetched unsigned.
+       (z8k_lookup_instr): Make nibl_index and tabl_index unsigned.
+       Don't exceed byte_info bounds.
+       (output_instr): Make num_bytes unsigned.
+       (unpack_instr): Likewise for nibl_count and loop.
+       * z8kgen.c (gas <opcode_entry_type>): Make noperands, length and
+       idx unsigned.
+       * z8k-opc.h: Regenerate.
+
 2020-01-07  Shahab Vahedi  <shahab@synopsys.com>
 
        * arc-tbl.h (llock): Use 'LLOCK' as class.

diff --git a/opcodes/z8k-dis.c b/opcodes/z8k-dis.c
index 7cd59d868147b0251c0979717623724387188bd4..cb871decfaba7033f601b5b347171db068940135 100644 (file)
--- a/opcodes/z8k-dis.c
+++ b/opcodes/z8k-dis.c
@@ -20,6 +20,7 @@
 
 #include "sysdep.h"
 #include "disassemble.h"
+#include "libiberty.h"
 
 #define DEFINE_TABLE
 #include "z8k-opc.h"
@@ -35,7 +36,7 @@ typedef struct
   unsigned short words[24];
 
   /* Nibble number of first word not yet fetched.  */
-  int max_fetched;
+  unsigned int max_fetched;
   bfd_vma insn_start;
   OPCODES_SIGJMP_BUF bailout;
 
@@ -189,7 +190,7 @@ print_insn_z8002 (bfd_vma addr, disassemble_info *info)
 int
 z8k_lookup_instr (unsigned char *nibbles, disassemble_info *info)
 {
-  int nibl_index, tabl_index;
+  unsigned int nibl_index, tabl_index;
   int nibl_matched;
   int need_fetch = 0;
   unsigned short instr_nibl;
@@ -202,7 +203,9 @@ z8k_lookup_instr (unsigned char *nibbles, disassemble_info *info)
     {
       nibl_matched = 1;
       for (nibl_index = 0;
-          nibl_index < z8k_table[tabl_index].length * 2 && nibl_matched;
+          nibl_matched
+            && nibl_index < ARRAY_SIZE (z8k_table[0].byte_info)
+            && nibl_index < z8k_table[tabl_index].length * 2;
           nibl_index++)
        {
          if ((nibl_index % 4) == 0)
@@ -281,7 +284,7 @@ output_instr (instr_data_s *instr_data,
               unsigned long addr ATTRIBUTE_UNUSED,
               disassemble_info *info)
 {
-  int num_bytes;
+  unsigned int num_bytes;
   char out_str[100];
 
   out_str[0] = 0;
@@ -297,7 +300,7 @@ output_instr (instr_data_s *instr_data,
 static void
 unpack_instr (instr_data_s *instr_data, int is_segmented, disassemble_info *info)
 {
-  int nibl_count, loop;
+  unsigned int nibl_count, loop;
   unsigned short instr_nibl, instr_byte, instr_word;
   long instr_long;
   unsigned int tabl_datum, datum_class;

diff --git a/opcodes/z8k-opc.h b/opcodes/z8k-opc.h
index 68c4ad4800d989c3081949eaf49bfadcb3626353..35ce4bc655e030cf9db0efed7dfb313ee34e55d2 100644 (file)
--- a/opcodes/z8k-opc.h
+++ b/opcodes/z8k-opc.h
@@ -292,9 +292,9 @@ typedef struct {
   void (*func) (void);
   unsigned int arg_info[4];
   unsigned int byte_info[10];
-  int noperands;
-  int length;
-  int idx;
+  unsigned int noperands;
+  unsigned int length;
+  unsigned int idx;
 } opcode_entry_type;
 
 #ifdef DEFINE_TABLE

diff --git a/opcodes/z8kgen.c b/opcodes/z8kgen.c
index a1b74ca4f37ae5b783171a702907ed395e99435a..b72fcffa35721c2c40856bb889c60d53b45efff0 100644 (file)
--- a/opcodes/z8kgen.c
+++ b/opcodes/z8kgen.c
@@ -1290,9 +1290,9 @@ gas (void)
   printf ("  void (*func) (void);\n");
   printf ("  unsigned int arg_info[4];\n");
   printf ("  unsigned int byte_info[%d];\n", BYTE_INFO_LEN);
-  printf ("  int noperands;\n");
-  printf ("  int length;\n");
-  printf ("  int idx;\n");
+  printf ("  unsigned int noperands;\n");
+  printf ("  unsigned int length;\n");
+  printf ("  unsigned int idx;\n");
   printf ("} opcode_entry_type;\n\n");
   printf ("#ifdef DEFINE_TABLE\n");
   printf ("const opcode_entry_type z8k_table[] = {\n");