fix use-of-uninitialized-value in print_insn_nds32

2020-07-13 21:17:36 +08:00 · 2020-07-13 21:17:36 +08:00 · 8c2a223bdd
commit 8c2a223bdd
parent fecade79c1
2 changed files with 95 additions and 1 deletions
--- a/NDS32-disassembly-of-odd-sized-sections.patch
+++ b/NDS32-disassembly-of-odd-sized-sections.patch
@ -0,0 +1,87 @@
 From fe90ae8a9f54e4fe8b9089fed48b0e1818414f57 Mon Sep 17 00:00:00 2001
 From: Alan Modra <amodra@gmail.com>
 Date: Fri, 20 Mar 2020 10:51:14 +1030
 Subject: [PATCH] NDS32 disassembly of odd sized sections
 	* nds32-dis.c (print_insn_nds32): Remove unnecessary casts.
 	Initialize parts of buffer not written when handling a possible
 	2-byte insn at end of section.  Don't attempt decoding of such
 	an insn by the 4-byte machinery.
 ---
 opcodes/nds32-dis.c | 24 +++++++++++++++---------
 1 files changed, 15 insertions(+), 9 deletions(-)
 diff --git a/opcodes/nds32-dis.c b/opcodes/nds32-dis.c
 index c5874ff..35e4ba0 100644
 --- a/opcodes/nds32-dis.c
 +++ b/opcodes/nds32-dis.c
@@ -985,7 +985,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info)
   int is_data = FALSE;
   bfd_boolean found = FALSE;
   struct nds32_private_data *private_data;
 -  unsigned int size = 16;
 +  unsigned int size;
   enum map_type mapping_type = MAP_CODE;
   if (info->private_data == NULL)
@@ -1063,6 +1063,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info)
       /* Fix corner case: there is no next mapping symbol,
 	 let mapping type decides size */
 +      size = 16;
       if (last_symbol_index + 1 >= info->symtab_size)
 	{
 	  if (mapping_type == MAP_DATA0)
@@ -1096,7 +1097,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info)
 	size = (pc & 1) ? 1 : 2;
       /* Read bytes from BFD.  */
 -      info->read_memory_func (pc, (bfd_byte *) buf_data, size, info);
 +      info->read_memory_func (pc, buf_data, size, info);
       given = 0;
       given1 = 0;
       /* Start assembling data.  */
@@ -1153,16 +1154,20 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info)
       return size;
     }
 -  status = info->read_memory_func (pc, (bfd_byte *) buf, 4, info);
 +  size = 4;
 +  status = info->read_memory_func (pc, buf, 4, info);
   if (status)
     {
       /* For the last 16-bit instruction.  */
 -      status = info->read_memory_func (pc, (bfd_byte *) buf, 2, info);
 +      size = 2;
 +      status = info->read_memory_func (pc, buf, 2, info);
       if (status)
 	{
 -	  (*info->memory_error_func)(status, pc, info);
 +	  (*info->memory_error_func) (status, pc, info);
 	  return -1;
 	}
 +      buf[2] = 0;
 +      buf[3] = 0;
     }
   insn = bfd_getb32 (buf);
@@ -1174,11 +1179,12 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info)
     }
   /* 32-bit instructions.  */
 +  if (size == 4)
 +    print_insn32 (pc, info, insn, NDS32_PARSE_INSN32);
   else
 -    {
 -      print_insn32 (pc, info, insn, NDS32_PARSE_INSN32);
 -      return 4;
 -    }
 +    info->fprintf_func (info->stream,
 +			_("insufficient data to decode instruction"));
 +  return 4;
 }
 /* Ignore disassembling unnecessary name.  */
 -- 
 1.8.3.1
--- a/binutils.spec
+++ b/binutils.spec
@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.33.1
-Release: 7
+Release: 8
 License: GPLv3+
 URL:     https://sourceware.org/binutils
@ -36,6 +36,7 @@ Patch19: More-signed-overflow-fixes.patch
 Patch20: Use-disassemble_info-private_data-in-place-of-insn_sets.patch
 Patch21: PR24960-Memory-leak-from-disassembler.patch
 Patch22: bfd_check_format-memory-leak.patch
 Patch23: NDS32-disassembly-of-odd-sized-sections.patch
 Provides: bundled(libiberty)
@ -320,6 +321,12 @@ fi
 %{_infodir}/bfd*info*
 %changelog
 * Tue Jul 14 2020 linwei <linwei54@huawei.com> - 2.33.1-8
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:fix use-of-uninitialized-value in print_insn_nds32
 * Fri May 15 2020 wangchen <wangchen137@huawei.com> - 2.33.1-7
 - Type:bugfix
 - ID:NA