Fix potential array overrun in x86 assembler.
authorNick Clifton <nickc@redhat.com>
Fri, 20 Jan 2017 10:32:25 +0000 (10:32 +0000)
committerNick Clifton <nickc@redhat.com>
Fri, 20 Jan 2017 10:32:25 +0000 (10:32 +0000)
* config/tc-i386.c (parse_operands): Check for operand overflow
before setting the unspecified bit.

gas/ChangeLog
gas/config/tc-i386.c

index d515f3bfc3997205863d9f0340eb95ab6aba126c..fbadd0bd954096bdc17b233bfe2591c894f60cf3 100644 (file)
@@ -1,3 +1,8 @@
+2017-01-20  Nick Clifton  <nickc@redhat.com>
+
+       * config/tc-i386.c (parse_operands): Check for operand overflow
+       before setting the unspecified bit.
+
 2017-01-18  Maciej W. Rozycki  <macro@imgtec.com>
 
        PR gas/20649
index 80812cfb09646980e822b8cc196a956a2cd4ae01..1fc6bc7bdb63a3b1252117157b3e9a4085fdcdbd 100644 (file)
@@ -4136,13 +4136,13 @@ parse_operands (char *l, const char *mnemonic)
        {                       /* Yes, we've read in another operand.  */
          unsigned int operand_ok;
          this_operand = i.operands++;
-         i.types[this_operand].bitfield.unspecified = 1;
          if (i.operands > MAX_OPERANDS)
            {
              as_bad (_("spurious operands; (%d operands/instruction max)"),
                      MAX_OPERANDS);
              return NULL;
            }
+         i.types[this_operand].bitfield.unspecified = 1;
          /* Now parse operand adding info to 'i' as we go along.  */
          END_STRING_AND_SAVE (l);