From 73bb3fb50eb05cf57795e6a078c0758658519df3 Mon Sep 17 00:00:00 2001 From: Paul Iannetta Date: Thu, 24 Aug 2023 10:39:14 +0200 Subject: [PATCH] kvx: fix kvx_reassemble_bundle index 8 out of bounds opcodes/ChangeLog: 2023-08-24 Paul Iannetta * kvx-dis.c (print_insn_kvx): Change the loop condition so that wordcount is always less than KVXMAXBUNDLEWORDS. (decode_prologue_epilogue_bundle): Likewise. --- opcodes/kvx-dis.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/opcodes/kvx-dis.c b/opcodes/kvx-dis.c index e63430a9e57..2a5aa1d6cde 100644 --- a/opcodes/kvx-dis.c +++ b/opcodes/kvx-dis.c @@ -1056,7 +1056,7 @@ print_insn_kvx (bfd_vma memaddr, struct disassemble_info *info) wordcount++; } while (kvx_has_parallel_bit (bundle_words[wordcount - 1]) - && wordcount < KVXMAXBUNDLEWORDS); + && wordcount < KVXMAXBUNDLEWORDS - 1); invalid_bundle = kvx_reassemble_bundle (wordcount, &insncount); } @@ -1237,7 +1237,7 @@ decode_prologue_epilogue_bundle (bfd_vma memaddr, nb_syl++; } while (kvx_has_parallel_bit (bundle_words[nb_syl - 1]) - && nb_syl < KVXMAXBUNDLEWORDS); + && nb_syl < KVXMAXBUNDLEWORDS - 1); if (kvx_reassemble_bundle (nb_syl, &nb_insn)) return -1; -- 2.35.1.500.gb896f729e2