From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <amodra@gmail.com>
Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431])
	by sourceware.org (Postfix) with ESMTPS id 5C7703858D1E
	for <binutils@sourceware.org>; Wed, 14 Sep 2022 00:39:24 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 5C7703858D1E
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
Received: by mail-pf1-x431.google.com with SMTP id c198so13285586pfc.13
        for <binutils@sourceware.org>; Tue, 13 Sep 2022 17:39:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=content-disposition:mime-version:message-id:subject:to:from:date
         :from:to:cc:subject:date;
        bh=HCj9XfOcchyFLtPxnmt/4mQyXgLsuRa49H1EucizjQo=;
        b=pZh3CaqqWb8RPaLXXvSnki+1cEOJHJV5zHqYF1Lkb+MWbP2uNSO0sIb9sXpWukFtHh
         Z4YIsxqGq29vJSt1TvAR8tmn/+HpSHMTTcmn3DxBi9KMQNvVSnKr2KrjVzlajmovovUP
         BFE1O9DDl+uoK63z+3pv6DDUkET+/PQTLfAi9Pl8QGR9R27w2JzWgXMNy3vjy7s9VVm2
         Hq1MeYJE3ila/YZaG6+4FUwQqZM0Due+5KNKoCWGHDPj/vJL/P1o5OHPOzA9ldsiUlsL
         pBJ6qAsmOybtLPNUnQdghPNKcxO18jqM2gbuy6Cu1MKhkTsIhkaeWQilKZneJ6sV4WtI
         VrcQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-disposition:mime-version:message-id:subject:to:from:date
         :x-gm-message-state:from:to:cc:subject:date;
        bh=HCj9XfOcchyFLtPxnmt/4mQyXgLsuRa49H1EucizjQo=;
        b=cOOkLoXfDMKjE6tWBvqUscjUxUkM7BxjA7PSRnuDJlrSPDqb1ssjJNIq+ip8KoYL7v
         ZgchAMtkFKA97GMdd3MstG8PvCCWaOTjqbRkTY072Do9Vb3hcq41GFHYsoXroP+Bng/M
         JAEpPdf9xR/c7k25AvGSA6575Tffuhjgfba7YwS0WXb9pob6FEx/hpPgAy6cmJvkvv0Z
         1d+jwLdt89YWEKRlz9gpZH9gtMw67y2lsrwUIKmUPThHy2zNkeOi2Q6gBHeP7eWj3Itw
         HFW1njJ+2RHafrfdgjQtoRSPLL9FXjmWzCTMJn0ZXfA06jIjBz0VqS0WGP6s4ed3jBrZ
         E43Q==
X-Gm-Message-State: ACgBeo1cpBcq1tsyYPrbbiRqUvVlYnXUKbthYq15R/Pu72ytjFgzDq40
	UoKwXNoa8obF50FBqpRJUwAVfqqWxbM=
X-Google-Smtp-Source: AA6agR7GVv0CVoK22J3U6dvLVY5p16fnY2/oLEOfKF8K9KuOtkw6yaOrCWv9menso2+WHhNEjnaN6w==
X-Received: by 2002:a65:64d0:0:b0:434:e318:801 with SMTP id t16-20020a6564d0000000b00434e3180801mr29605682pgv.550.1663115963204;
        Tue, 13 Sep 2022 17:39:23 -0700 (PDT)
Received: from squeak.grove.modra.org (158.106.96.58.static.exetel.com.au. [58.96.106.158])
        by smtp.gmail.com with ESMTPSA id j5-20020a170902da8500b00176ad86b213sm9117382plx.259.2022.09.13.17.39.22
        for <binutils@sourceware.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 13 Sep 2022 17:39:22 -0700 (PDT)
Received: by squeak.grove.modra.org (Postfix, from userid 1000)
	id 025061140ABA; Wed, 14 Sep 2022 10:09:19 +0930 (ACST)
Date: Wed, 14 Sep 2022 10:09:19 +0930
From: Alan Modra <amodra@gmail.com>
To: binutils@sourceware.org
Subject: ubsan: arm-dis.c index out of bounds
Message-ID: <YyEit0hKueDyLNsW@squeak.grove.modra.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Status: No, score=-3036.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <binutils.sourceware.org>

We are way off in the weeds with this one, and will be printing
<UNPREDICTABLE> for S > 10, so I think wrapping the register number is
fine.  Found by fuzzers.

	* arm-dis.c (print_insn_cde): Wrap 'T' value.

diff --git a/opcodes/arm-dis.c b/opcodes/arm-dis.c
index c1bf276b423..684c74f7f20 100644
--- a/opcodes/arm-dis.c
+++ b/opcodes/arm-dis.c
@@ -8957,7 +8957,7 @@ print_insn_cde (struct disassemble_info *info, long given, bool thumb)
 		    break;
 
 		  case 'T':
-		    func (stream, "%s", arm_regnames[value + 1]);
+		    func (stream, "%s", arm_regnames[(value + 1) & 15]);
 		    break;
 
 		  case 'd':

-- 
Alan Modra
Australia Development Lab, IBM