From 159653d8c0bcc45b479e4329c2e5f304fa942280 Mon Sep 17 00:00:00 2001 From: Alan Modra Date: Tue, 10 Dec 2019 23:50:02 +1030 Subject: [PATCH] ussan: d30v: index out of bounds * d30v-dis.c (print_insn): Make opind unsigned. Don't access past end of operands array. --- opcodes/ChangeLog | 5 +++++ opcodes/d30v-dis.c | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/opcodes/ChangeLog b/opcodes/ChangeLog index 5cd7361512b..946c6201106 100644 --- a/opcodes/ChangeLog +++ b/opcodes/ChangeLog @@ -1,3 +1,8 @@ +2019-12-11 Alan Modra + + * d30v-dis.c (print_insn): Make opind unsigned. Don't access + past end of operands array. + 2019-12-11 Alan Modra * csky-dis.c (csky_chars_to_number): Rewrite. Avoid signed diff --git a/opcodes/d30v-dis.c b/opcodes/d30v-dis.c index 8dd43fb984e..d2e0caa39d7 100644 --- a/opcodes/d30v-dis.c +++ b/opcodes/d30v-dis.c @@ -125,7 +125,8 @@ print_insn (struct disassemble_info *info, { int val, opnum, need_comma = 0; struct d30v_operand *oper; - int i, match, opind = 0, need_paren = 0, found_control = 0; + int i, match, need_paren = 0, found_control = 0; + unsigned int opind = 0; (*info->fprintf_func) (info->stream, "%s", insn->op->name); @@ -154,7 +155,8 @@ print_insn (struct disassemble_info *info, (*info->fprintf_func) (info->stream, "\t"); - while ((opnum = insn->form->operands[opind++]) != 0) + while (opind < ARRAY_SIZE (insn->form->operands) + && (opnum = insn->form->operands[opind++]) != 0) { int bits; @@ -314,7 +316,7 @@ print_insn (struct disassemble_info *info, (*info->fprintf_func) (info->stream, "0x%x", val); } /* If there is another operand, then write a comma and space. */ - if (opind < (int) ARRAY_SIZE (insn->form->operands) + if (opind < ARRAY_SIZE (insn->form->operands) && insn->form->operands[opind] && !(found_control && opind == 2)) need_comma = 1; -- 2.30.2