From 100f993c53a50352fd91554927142a2558f3481c Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Mon, 20 Mar 2023 09:59:16 -0700
Subject: [PATCH] x86: Check unbalanced braces in memory reference

Check unbalanced braces in memory reference to avoid assembler crash
caused by

commit e87fb6a6d0cdfc0e9c471b7825c20c238c2cf506
Author: Jan Beulich <jbeulich@suse.com>
Date:   Wed Oct 5 09:16:24 2022 +0200

    x86/gas: support quoted address scale factor in AT&T syntax

	PR gas/30248
	* config/tc-i386.c (i386_att_operand): Check unbalanced braces
	in memory reference.
	* testsuite/gas/i386/i386.exp: Run pr30248.
	* testsuite/gas/i386/pr30248.d: New file.
	* testsuite/gas/i386/pr30248.err: Likewise.
	* testsuite/gas/i386/pr30248.s: Likewise.
---
 gas/config/tc-i386.c               | 6 +++++-
 gas/testsuite/gas/i386/i386.exp    | 1 +
 gas/testsuite/gas/i386/pr30248.d   | 2 ++
 gas/testsuite/gas/i386/pr30248.err | 5 +++++
 gas/testsuite/gas/i386/pr30248.s   | 2 ++
 5 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 gas/testsuite/gas/i386/pr30248.d
 create mode 100644 gas/testsuite/gas/i386/pr30248.err
 create mode 100644 gas/testsuite/gas/i386/pr30248.s

diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c
index ed8329f25d8..44efad73e5d 100644
--- a/gas/config/tc-i386.c
+++ b/gas/config/tc-i386.c
@@ -11613,7 +11613,11 @@ i386_att_operand (char *operand_string)
 	  temp_string = base_string;
 
 	  /* Skip past '(' and whitespace.  */
-	  gas_assert (*base_string == '(');
+	  if (*base_string != '(')
+	    {
+	      as_bad (_("unbalanced braces"));
+	      return 0;
+	    }
 	  ++base_string;
 	  if (is_space_char (*base_string))
 	    ++base_string;
diff --git a/gas/testsuite/gas/i386/i386.exp b/gas/testsuite/gas/i386/i386.exp
index 590cd783efe..4d2150f9c68 100644
--- a/gas/testsuite/gas/i386/i386.exp
+++ b/gas/testsuite/gas/i386/i386.exp
@@ -752,6 +752,7 @@ run_dump_test pr19498
 run_list_test "nop-bad-1" ""
 run_list_test "unspec" ""
 run_dump_test "fp"
+run_dump_test pr30248
 if {[is_elf_format] || [istarget "*-*-vxworks*"]} then {
     run_list_test_stdin "list-1" "-al"
     run_list_test_stdin "list-2" "-al"
diff --git a/gas/testsuite/gas/i386/pr30248.d b/gas/testsuite/gas/i386/pr30248.d
new file mode 100644
index 00000000000..a6efd26e2c5
--- /dev/null
+++ b/gas/testsuite/gas/i386/pr30248.d
@@ -0,0 +1,2 @@
+#as:
+#error_output: pr30248.err
diff --git a/gas/testsuite/gas/i386/pr30248.err b/gas/testsuite/gas/i386/pr30248.err
new file mode 100644
index 00000000000..1f71543e1d4
--- /dev/null
+++ b/gas/testsuite/gas/i386/pr30248.err
@@ -0,0 +1,5 @@
+#failif
+
+#...
+.*Internal error.*
+#pass
diff --git a/gas/testsuite/gas/i386/pr30248.s b/gas/testsuite/gas/i386/pr30248.s
new file mode 100644
index 00000000000..ab875008f3d
--- /dev/null
+++ b/gas/testsuite/gas/i386/pr30248.s
@@ -0,0 +1,2 @@
+	.text
+	lgs ")"""
-- 
2.30.2