Fix illegal memory access triggered when attempting to assemble a bogus i386 source...
authorNick Clifton <nickc@redhat.com>
Tue, 14 May 2019 11:42:02 +0000 (12:42 +0100)
committerNick Clifton <nickc@redhat.com>
Tue, 14 May 2019 11:42:02 +0000 (12:42 +0100)
PR 24538
* config/tc-i386-intel.c (i386_intel_simplify_register): Reject
illegal register numbers.

gas/ChangeLog
gas/config/tc-i386-intel.c

index 57be17561fc5fd30af9ba0eeb76149bce974ad3d..1530ebfdc76080141885d7ebd77402f4c324ddfe 100644 (file)
@@ -1,3 +1,9 @@
+2019-05-14  Nick Clifton  <nickc@redhat.com>
+
+       PR 24538
+       * config/tc-i386-intel.c (i386_intel_simplify_register): Reject
+       illegal register numbers.
+
 2019-05-10  Nick Clifton  <nickc@redhat.com>
 
        PR 24538
index a12886d1b02979711acec765ab89c8be55c3973d..a2cd286572d3fd7ab712fd3d49eba06755feb537 100644 (file)
@@ -270,6 +270,12 @@ i386_intel_simplify_register (expressionS *e)
   else
     reg_num = e->X_md - 1;
 
+  if (reg_num < 0 || reg_num >= (int) i386_regtab_size)
+    {
+      as_bad (_("invalid register number"));
+      return 0;
+    }
+
   if (!intel_state.in_bracket)
     {
       if (i.op[this_operand].regs)