Date: Thu, 24 Aug 2023 10:49:06 +0200
From: Paul Iannetta
To: Alan Modra
Cc: binutils@sourceware.org
Subject: Re: [PATCH] kvx: fix kvx_reassemble_bundle index 8 out of bounds
Message-ID: <20230824084906.svfkw5r7xxws2prc@ws2202.lin.mbt.kalray.eu>
References: <20230823143923.10105-1-piannetta@kalrayinc.com>

On Thu, Aug 24, 2023 at 12:42:33PM +0930, Alan Modra wrote:
> On Wed, Aug 23, 2023 at 04:39:19PM +0200, Paul Iannetta via Binutils wrote:
> > As discussed earlier, I removed kvx_elf64_linux_vec, fix the handling of unique
> > symbols by using has_gnu_osabi instead of overwriting e_ident, change (unsigned)
> > long long into {u,}int64 and at some place int by int32_t.
>
> I've committed these for you. BTW, oss-fuzz is poking at the kvx
> support and finding holes. See pr30793.

The attached patch should fix pr30793.

Thanks,
Paul

From 03c35cf18fa689bc7d727c506d30c396244cb307 Mon Sep 17 00:00:00 2001
From: Paul Iannetta
Date: Thu, 24 Aug 2023 10:39:14 +0200
Subject: [PATCH] kvx: fix kvx_reassemble_bundle index 8 out of bounds

opcodes/ChangeLog:

2023-08-24 Paul Iannetta

	* kvx-dis.c (print_insn_kvx): Change the loop condition so that
	wordcount is always less than KVXMAXBUNDLEWORDS.
---
 opcodes/kvx-dis.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/opcodes/kvx-dis.c b/opcodes/kvx-dis.c
index e63430a9e57..a78eb5f84ec 100644
--- a/opcodes/kvx-dis.c +++ b/opcodes/kvx-dis.c @@ -1056,7 +1056,7 @@ print_insn_kvx (bfd_vma memaddr, struct disassemble_info *info) wordcount++; } while (kvx_has_parallel_bit (bundle_words[wordcount - 1]) - && wordcount < KVXMAXBUNDLEWORDS); + && wordcount < KVXMAXBUNDLEWORDS - 1); invalid_bundle = kvx_reassemble_bundle (wordcount, &insncount); } -- 2.35.1.500.gb896f729e2 --secu_47c74a318d1f3679bf44c5f948d101b5_part1--
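
Review bot: in the `while` condition of print_insn_kvx, the new `wordcount < KVXMAXBUNDLEWORDS - 1` bound can end the loop while the last word read still has its parallel bit set, and the truncated bundle is then passed to `kvx_reassemble_bundle (wordcount, &insncount)` as if it were complete. The hunk does not show whether kvx_reassemble_bundle rejects that case, so consider marking the bundle invalid explicitly when the loop exits with `kvx_has_parallel_bit (bundle_words[wordcount - 1])` still true. The `- 1` would also benefit from a short comment naming the access in kvx_reassemble_bundle it protects, because the ChangeLog entry is the only place the invariant is stated and the indexing code is outside this hunk; a bounds check next to that access would keep the guarantee where the array is actually used.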