From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jbeulich@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1386)
 id 3AE8E3940CF2; Fri, 26 May 2023 07:54:03 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3AE8E3940CF2
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Jan Beulich <jbeulich@sourceware.org>
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] x86: disassembling over-long insns
X-Act-Checkin: binutils-gdb
X-Git-Author: Jan Beulich <jbeulich@suse.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: a4aa034a0abca9c93910c23fbe7ed5f07b4c4b0b
X-Git-Newrev: d8acf3769314463ba7ed8262bf105a64f1f2e838
Message-Id: <20230526075403.3AE8E3940CF2@sourceware.org>
Date: Fri, 26 May 2023 07:54:03 +0000 (GMT)
X-BeenThere: binutils-cvs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Binutils-cvs mailing list <binutils-cvs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils-cvs/>
List-Help: <mailto:binutils-cvs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2023 07:54:03 -0000

https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3Dd8acf3769314=
463ba7ed8262bf105a64f1f2e838

commit d8acf3769314463ba7ed8262bf105a64f1f2e838
Author: Jan Beulich <jbeulich@suse.com>
Date:   Fri May 26 09:53:25 2023 +0200

    x86: disassembling over-long insns
   =20
    The present way of dealing with them - misusing MAX_MNEM_SIZE, which has
    nothing to do with insn length - leads to inconsistent results. Since we
    allow for up to MAX_CODE_LENGTH - 1 prefix bytes (which then could be
    followed by another MAX_CODE_LENGTH "normal" insn bytes until we're done
    decoding), size the_buffer[] accordingly.
   =20
    Move struct dis_private down to be able to use MAX_CODE_LENGTH without
    moving its #define. While doing this also alter the order to have the
    potentially large array last.

Diff:
---
 opcodes/i386-dis.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/opcodes/i386-dis.c b/opcodes/i386-dis.c
index 398be8b20c5..55c70b6dd51 100644
--- a/opcodes/i386-dis.c
+++ b/opcodes/i386-dis.c
@@ -118,14 +118,6 @@ static void ATTRIBUTE_PRINTF_3 i386_dis_printf (const =
disassemble_info *,
 /* The maximum operand buffer size.  */
 #define MAX_OPERAND_BUFFER_SIZE 128
=20
-struct dis_private {
-  /* Points to first byte not fetched.  */
-  uint8_t *max_fetched;
-  uint8_t the_buffer[MAX_MNEM_SIZE];
-  bfd_vma insn_start;
-  int orig_sizeflag;
-};
-
 enum address_mode
 {
   mode_16bit,
@@ -251,6 +243,15 @@ struct instr_info
   enum x86_64_isa isa64;
 };
=20
+struct dis_private {
+  bfd_vma insn_start;
+  int orig_sizeflag;
+
+  /* Points to first byte not fetched.  */
+  uint8_t *max_fetched;
+  uint8_t the_buffer[2 * MAX_CODE_LENGTH - 1];
+};
+
 /* Mark parts used in the REX prefix.  When we are testing for
    empty prefix (for 8bit register REX extension), just mask it
    out.  Otherwise test for REX bit is excuse for existence of REX
@@ -297,7 +298,7 @@ fetch_code (struct disassemble_info *info, uint8_t *unt=
il)
   if (until <=3D priv->max_fetched)
     return true;
=20
-  if (until <=3D priv->the_buffer + MAX_MNEM_SIZE)
+  if (until <=3D priv->the_buffer + ARRAY_SIZE (priv->the_buffer))
     status =3D (*info->read_memory_func) (start,
 					priv->max_fetched,
 					until - priv->max_fetched,