From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by sourceware.org (Postfix) with ESMTPS id E371D396ECF4 for ; Wed, 2 Sep 2020 08:43:50 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org E371D396ECF4 Received: by mail-pj1-x1035.google.com with SMTP id mm21so2034058pjb.4 for ; Wed, 02 Sep 2020 01:43:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=3XLly6EIWze9B704Kp070XC4iVLr9XauVYHI8Wum9YE=; b=SHu30u/0vk5jOTMsyqn65DOTnIaUgBtkoUxFgyVrjBchlEPEk3KteZKZPrFCtHQtlm ZyLWNBCZjPaytnaofTp9g/Fl+gRKL/DNpOfNwlw3eR4AbDB0Vq3xb/bQ56CKxmTVWHmh FXtglk5D6uMvI7nHTTXSpSQm56tjw3CDEZsZB3QDaU25kgtAl9EIuxeLHjT6qMDwZZ9d 6cthwSnX3uEQbAA6FW+gNdagZQigCXqMLVs2I9SJKNkSxIn6Xdx5IJvf0HE7hdcPGBce g/dQufzk2eMHuuRkb8I51XVTLpmuXbt9L/IkqlSKJire8G5O/Zthck1F2eO4IS5aVd7P UfTw== X-Gm-Message-State: AOAM530Ii4UZPICapyQuIYVy8h9/27Yx2VzkPt1QMRAFcQuhLk94bksz s0KDpvgOGB9CWXSk/w1tlWgLBoRpCtc= X-Google-Smtp-Source: ABdhPJz7V7XjkDnJQE21PJyYHLOazD4dCeFNwSVkhC4RK4qn2hvgrkfmP4LNHQ7IO2qrS5jA7VpJVQ== X-Received: by 2002:a17:90a:6a0d:: with SMTP id t13mr1473299pjj.208.1599036229683; Wed, 02 Sep 2020 01:43:49 -0700 (PDT) Received: from bubble.grove.modra.org ([2406:3400:51d:8cc0:84c2:3a8b:c3d4:afab]) by smtp.gmail.com with ESMTPSA id r144sm5123369pfc.63.2020.09.02.01.43.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Sep 2020 01:43:49 -0700 (PDT) From: Alan Modra To: binutils@sourceware.org Subject: ubsan: rx-parse.y:1743 shift exponent 32 is too large Date: Wed, 2 Sep 2020 18:12:50 +0930 Message-Id: <20200902084302.26786-7-amodra@gmail.com> X-Mailer: git-send-email 2.17.1 X-Spam-Status: No, score=-10.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Sep 2020 08:43:52 -0000 * config/rx-parse.y (rx_intop): Avoid too large shifts. (rx_intop, rx_uintop, rx_disp3op, rx_disp5op, displacement), (rtsd_immediate): Use correctly typed unsigned variables. diff --git a/gas/config/rx-parse.y b/gas/config/rx-parse.y index 2519bf82ba..6ae2ca5edd 100644 --- a/gas/config/rx-parse.y +++ b/gas/config/rx-parse.y @@ -1725,8 +1725,8 @@ rx_error (const char * str) static int rx_intop (expressionS exp, int nbits, int opbits) { - long v; - long mask, msb; + valueT v; + valueT mask, msb; if (exp.X_op == O_big) { @@ -1739,24 +1739,24 @@ rx_intop (expressionS exp, int nbits, int opbits) return 0; v = exp.X_add_number; - msb = 1UL << (opbits - 1); - mask = (1UL << opbits) - 1; + msb = (valueT) 1 << (opbits - 1); + mask = (msb << 1) - 1; if ((v & msb) && ! (v & ~mask)) - v -= 1UL << opbits; + v -= mask + 1; switch (nbits) { case 4: - return -0x8 <= v && v <= 0x7; + return v + 0x8 <= 0x7 + 0x8; case 5: - return -0x10 <= v && v <= 0x17; + return v + 0x10 <= 0xf + 0x10; case 8: - return -0x80 <= v && v <= 0x7f; + return v + 0x80 <= 0x7f + 0x80; case 16: - return -0x8000 <= v && v <= 0x7fff; + return v + 0x8000 <= 0x7fff + 0x8000; case 24: - return -0x800000 <= v && v <= 0x7fffff; + return v + 0x800000 <= 0x7fffff + 0x800000; case 32: return 1; default: @@ -1769,7 +1769,7 @@ rx_intop (expressionS exp, int nbits, int opbits) static int rx_uintop (expressionS exp, int nbits) { - unsigned long v; + valueT v; if (exp.X_op != O_constant) return 0; @@ -1795,7 +1795,7 @@ rx_uintop (expressionS exp, int nbits) static int rx_disp3op (expressionS exp) { - unsigned long v; + valueT v; if (exp.X_op != O_constant) return 0; @@ -1808,7 +1808,7 @@ rx_disp3op (expressionS exp) static int rx_disp5op (expressionS * exp, int msize) { - long v; + valueT v; if (exp->X_op != O_constant) return 0; @@ -1817,13 +1817,13 @@ rx_disp5op (expressionS * exp, int msize) switch (msize) { case BSIZE: - if (0 <= v && v <= 31) + if (v <= 31) return 1; break; case WSIZE: if (v & 1) return 0; - if (0 <= v && v <= 63) + if (v <= 63) { exp->X_add_number >>= 1; return 1; @@ -1832,7 +1832,7 @@ rx_disp5op (expressionS * exp, int msize) case LSIZE: if (v & 3) return 0; - if (0 <= v && v <= 127) + if (v <= 127) { exp->X_add_number >>= 2; return 1; @@ -1931,7 +1931,7 @@ immediate (expressionS exp, int type, int pos, int bits) static int displacement (expressionS exp, int msize) { - int val; + valueT val; int vshift = 0; if (exp.X_op == O_symbol @@ -2001,18 +2001,18 @@ displacement (expressionS exp, int msize) val >>= vshift; exp.X_add_number = val; - if (0 <= val && val <= 255 ) + if (val <= 255 ) { O1 (exp); return 1; } - if (0 <= val && val <= 65535) + if (val <= 65535) { O2 (exp); return 2; } - if (val < 0) + if ((offsetT) val < 0) rx_error (_("negative displacements not allowed")); else rx_error (_("displacement too large")); @@ -2022,7 +2022,7 @@ displacement (expressionS exp, int msize) static void rtsd_immediate (expressionS exp) { - int val; + valueT val; if (exp.X_op != O_constant) { @@ -2033,7 +2033,7 @@ rtsd_immediate (expressionS exp) if (val & 3) rx_error (_("rtsd size must be multiple of 4")); - if (val < 0 || val > 1020) + if (val > 1020) rx_error (_("rtsd size must be 0..1020")); val >>= 2; @@ -2044,14 +2044,14 @@ rtsd_immediate (expressionS exp) static void rx_range (expressionS exp, int minv, int maxv) { - int val; + offsetT val; if (exp.X_op != O_constant) return; val = exp.X_add_number; if (val < minv || val > maxv) - as_warn (_("Value %d out of range %d..%d"), val, minv, maxv); + as_warn (_("Value %ld out of range %d..%d"), (long) val, minv, maxv); } static void -- Alan Modra Australia Development Lab, IBM