From: Tsukasa OI To: Tsukasa OI , Nelson Chu , Kito Cheng , Palmer Dabbelt , Andrew Burgess , Jan Beulich , Andreas Schwab Cc: binutils@sourceware.org, gdb-patches@sourceware.org Subject: [PATCH v2 1/2] RISC-V: Fix buffer overflow on print_insn_riscv Date: Tue, 4 Oct 2022 09:45:49 +0000 Message-Id: In-Reply-To: References: Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,GIT_PATCH_0,KAM_MANYTO,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Because riscv_insn_length started to support instructions up to 176-bit, we need to increase packet buffer size to 176-bit in size. include/ChangeLog: * opcode/riscv.h (RISCV_MAX_INSN_LEN): Max instruction length for use in buffer size. opcodes/ChangeLog: * riscv-dis.c (print_insn_riscv): Increase buffer size for max 176-bit length instructions. --- include/opcode/riscv.h | 2 ++ opcodes/riscv-dis.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/opcode/riscv.h b/include/opcode/riscv.h index 9417dcf00c5..33415977bc7 100644 --- a/include/opcode/riscv.h +++ b/include/opcode/riscv.h @@ -55,6 +55,8 @@ static const char * const riscv_pred_succ[16] = "i", "iw", "ir", "irw", "io", "iow", "ior", "iorw" }; +#define RISCV_MAX_INSN_LEN 22 /* max 176-bit encoding. */ + #define RVC_JUMP_BITS 11 #define RVC_JUMP_REACH ((1ULL << RVC_JUMP_BITS) * RISCV_JUMP_ALIGN) diff --git a/opcodes/riscv-dis.c b/opcodes/riscv-dis.c index 6ac69490b78..f5e5af3138c 100644 --- a/opcodes/riscv-dis.c +++ b/opcodes/riscv-dis.c @@ -999,7 +999,7 @@ riscv_disassemble_data (bfd_vma memaddr ATTRIBUTE_UNUSED, int print_insn_riscv (bfd_vma memaddr, struct disassemble_info *info) { - bfd_byte packet[8]; + bfd_byte packet[RISCV_MAX_INSN_LEN]; insn_t insn = 0; bfd_vma dump_size; int status; -- 2.34.1
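Review bot: In the include/opcode/riscv.h hunk, `RISCV_MAX_INSN_LEN` is a bare literal `22` with nothing tying it to the maximum that riscv_insn_length can return, so the two can drift apart again the next time longer encodings are added, which is the same way this overflow arose. Consider stating the unit in the comment (bytes, 176 / 8 = 22), saying that it must stay in sync with riscv_insn_length, and placing the define next to the other instruction-length definitions rather than between the `riscv_pred_succ` table and `RVC_JUMP_BITS`.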
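Review bot: In the opcodes/riscv-dis.c hunk, `bfd_byte packet[RISCV_MAX_INSN_LEN];` enlarges the stack buffer, but nothing visible in print_insn_riscv bounds the number of bytes later read into `packet` against `sizeof (packet)`. Resizing alone fixes today's 176-bit case; a guard before the read that rejects or clamps any length greater than `sizeof (packet)` would turn a future mismatch into a handled error instead of a stack overwrite. A regression test that disassembles a maximum-length encoding would also make the fix verifiable.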