diff options
author | Mark Wielaard <mark@klomp.org> | 2019-10-19 14:01:30 +0200 |
---|---|---|
committer | Mark Wielaard <mark@klomp.org> | 2019-10-26 02:28:48 +0200 |
commit | 99dc63b10b3878616b85df2dfd2e4e7103e414b8 (patch) | |
tree | 0978baaa4da8fcd5c660ff34fda16b53705624b2 /libcpu | |
parent | da5a32a400da6a03a96f0aff10aff2d86bd9baad (diff) | |
download | elfutils-99dc63b10b3878616b85df2dfd2e4e7103e414b8.tar.gz |
libcpu: Fix bounds checks and replace asserts with errors.
Add a missing bounds check, fix an off-by-one bounds check and replace
asserts with error messages.
https://sourceware.org/bugzilla/show_bug.cgi?id=25068
Signed-off-by: Mark Wielaard <mark@klomp.org>
Diffstat (limited to 'libcpu')
-rw-r--r-- | libcpu/ChangeLog | 8 | ||||
-rw-r--r-- | libcpu/i386_data.h | 2 | ||||
-rw-r--r-- | libcpu/i386_disasm.c | 12 |
3 files changed, 17 insertions, 5 deletions
diff --git a/libcpu/ChangeLog b/libcpu/ChangeLog index e23097bd..52567be8 100644 --- a/libcpu/ChangeLog +++ b/libcpu/ChangeLog @@ -1,3 +1,11 @@ +2019-10-17 Mark Wielaard <mark@klomp.org> + + * i386_data.h (FCT_sel): Check for param_start + 2 >= end instead + of just >. + * i386_disasm.c (i386_disasm): Check param_start < end. Don't + assert, but assign INVALID to str. Make sure we get past any + unrecognized opcode. + 2019-09-07 Mark Wielaard <mark@klomp.org> * riscv_disasm.c (riscv_disasm): Use UINT64_C to make calculation diff --git a/libcpu/i386_data.h b/libcpu/i386_data.h index b8a34c3e..06356b8a 100644 --- a/libcpu/i386_data.h +++ b/libcpu/i386_data.h @@ -1336,7 +1336,7 @@ FCT_sel (struct output_data *d) { assert (d->opoff1 % 8 == 0); assert (d->opoff1 / 8 == 5); - if (*d->param_start + 2 > d->end) + if (*d->param_start + 2 >= d->end) return -1; *d->param_start += 2; uint16_t absval = read_2ubyte_unaligned (&d->data[5]); diff --git a/libcpu/i386_disasm.c b/libcpu/i386_disasm.c index 8a206398..4422ffa2 100644 --- a/libcpu/i386_disasm.c +++ b/libcpu/i386_disasm.c @@ -610,7 +610,9 @@ i386_disasm (Ebl *ebl __attribute__((unused)), /* Account for displacement. */ if ((modrm & 0xc7) == 5 || (modrm & 0xc0) == 0x80 - || ((modrm & 0xc7) == 0x4 && (codep[0] & 0x7) == 0x5)) + || ((modrm & 0xc7) == 0x4 + && param_start < end + && (codep[0] & 0x7) == 0x5)) param_start += 4; else if ((modrm & 0xc0) == 0x40) param_start += 1; @@ -821,7 +823,8 @@ i386_disasm (Ebl *ebl __attribute__((unused)), } FALLTHROUGH; default: - assert (! "INVALID not handled"); + str = "INVALID not handled"; + break; } } else @@ -1124,8 +1127,9 @@ i386_disasm (Ebl *ebl __attribute__((unused)), /* Invalid (or at least unhandled) opcode. */ if (prefixes != 0) goto print_prefix; - assert (*startp == data); - ++data; + /* Make sure we get past the unrecognized opcode if we haven't yet. */ + if (*startp == data) + ++data; ADD_STRING ("(bad)"); addr += data - begin; |