Add a sanity check to the init_nfp6000_mecsr_sec() function in the NFP disassembler.
authorYinjun Zhang <yinjun.zhang@corigine.com>
Mon, 6 Sep 2021 09:44:29 +0000 (10:44 +0100)
committerNick Clifton <nickc@redhat.com>
Mon, 6 Sep 2021 09:44:29 +0000 (10:44 +0100)
opcodes/nfp-dis.c

index 170f6a2d63ed6b644952f35e0ec970c14c75b222..3938046474a82895014db9b619a1d47627f840c1 100644 (file)
@@ -2594,7 +2594,7 @@ init_nfp3200_priv (nfp_priv_data * priv, struct disassemble_info *dinfo)
 
 static bool
 init_nfp6000_mecsr_sec (nfp_priv_data * priv, Elf_Internal_Shdr * sec,
-                       int is_for_text, struct disassemble_info *dinfo)
+                       bool is_for_text, struct disassemble_info *dinfo)
 {
   Elf_Nfp_InitRegEntry ireg;
   unsigned char buffer[sizeof (Elf_Nfp_InitRegEntry)];
@@ -2644,6 +2644,9 @@ init_nfp6000_mecsr_sec (nfp_priv_data * priv, Elf_Internal_Shdr * sec,
       menum = _BF (ireg.cpp_offset_lo, 13, 10) - 4;
       csr_off = _BF (ireg.cpp_offset_lo, 9, 0);
 
+      if (isl >= _NFP_ISLAND_MAX || menum >= _NFP_ME_MAX)
+       return false;
+       
       mecfg = &priv->mecfgs[isl][menum][is_for_text];
       switch (csr_off)
        {
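Review bot: The added guard checks only the upper bounds, but `menum` is computed just above as `_BF (ireg.cpp_offset_lo, 13, 10) - 4`, so a field value of 0–3 in a malformed section gives a result below zero before it indexes `priv->mecfgs`. The declarations of `isl` and `menum` are outside this hunk. If they are signed, the negative value passes the new test and the out-of-bounds access remains, so the check should read `if (isl < 0 || isl >= _NFP_ISLAND_MAX || menum < 0 || menum >= _NFP_ME_MAX)`. If they are unsigned, the subtraction wraps and the existing test catches it, in which case a one-line comment such as `/* menum is unsigned: values below 4 wrap and are rejected here.  */` would record the reliance. The added blank line also carries trailing whitespace.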
@@ -2669,7 +2672,7 @@ init_nfp6000_priv (nfp_priv_data * priv, struct disassemble_info *dinfo)
   size_t isl;
   unsigned int sec_cnt = 0;
   unsigned int sec_idx;
-  int is_for_text;
+  bool is_for_text;
 
   memset (mecfg_orders, -1, sizeof (mecfg_orders));