From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <research_trasio@irq.a4lg.com>
Received: from mail-sender-0.a4lg.com (mail-sender-0.a4lg.com
 [IPv6:2401:2500:203:30b:4000:6bfe:4757:0])
 by sourceware.org (Postfix) with ESMTPS id F1C5238582BA;
 Tue,  4 Oct 2022 09:46:11 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org F1C5238582BA
Received: from [127.0.0.1] (localhost [127.0.0.1])
 by mail-sender-0.a4lg.com (Postfix) with ESMTPSA id 39BF3300089;
 Tue,  4 Oct 2022 09:46:10 +0000 (UTC)
From: Tsukasa OI <research_trasio@irq.a4lg.com>
To: Tsukasa OI <research_trasio@irq.a4lg.com>,
 Nelson Chu <nelson@rivosinc.com>, Kito Cheng <kito.cheng@sifive.com>,
 Palmer Dabbelt <palmer@dabbelt.com>, Andrew Burgess <aburgess@redhat.com>,
 Jan Beulich <jbeulich@suse.com>, Andreas Schwab <schwab@suse.de>
Cc: binutils@sourceware.org,
	gdb-patches@sourceware.org
Subject: [PATCH v2 1/2] RISC-V: Fix buffer overflow on print_insn_riscv
Date: Tue,  4 Oct 2022 09:45:49 +0000
Message-Id: <fc849c94f4adcac1c4ccc5508c7a145a2f13b2a9.1664876744.git.research_trasio@irq.a4lg.com>
In-Reply-To: <cover.1664876744.git.research_trasio@irq.a4lg.com>
References: <cover.1664873933.git.research_trasio@irq.a4lg.com>
 <cover.1664876744.git.research_trasio@irq.a4lg.com>
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, GIT_PATCH_0, KAM_MANYTO, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gdb-patches@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gdb-patches mailing list <gdb-patches.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/gdb-patches>,
 <mailto:gdb-patches-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/gdb-patches>,
 <mailto:gdb-patches-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Oct 2022 09:46:13 -0000

Because riscv_insn_length started to support instructions up to 176-bit,
we need to increase packet buffer size to 176-bit in size.

include/ChangeLog:

	* opcode/riscv.h (RISCV_MAX_INSN_LEN): Max instruction length for
	use in buffer size.

opcodes/ChangeLog:

	* riscv-dis.c (print_insn_riscv): Increase buffer size for max
	176-bit length instructions.
---
 include/opcode/riscv.h | 2 ++
 opcodes/riscv-dis.c    | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/opcode/riscv.h b/include/opcode/riscv.h
index 9417dcf00c5..33415977bc7 100644
--- a/include/opcode/riscv.h
+++ b/include/opcode/riscv.h
@@ -55,6 +55,8 @@ static const char * const riscv_pred_succ[16] =
   "i", "iw", "ir", "irw", "io", "iow", "ior", "iorw"
 };
 
+#define RISCV_MAX_INSN_LEN 22  /* max 176-bit encoding.  */
+
 #define RVC_JUMP_BITS 11
 #define RVC_JUMP_REACH ((1ULL << RVC_JUMP_BITS) * RISCV_JUMP_ALIGN)
 
diff --git a/opcodes/riscv-dis.c b/opcodes/riscv-dis.c
index 6ac69490b78..f5e5af3138c 100644
--- a/opcodes/riscv-dis.c
+++ b/opcodes/riscv-dis.c
@@ -999,7 +999,7 @@ riscv_disassemble_data (bfd_vma memaddr ATTRIBUTE_UNUSED,
 int
 print_insn_riscv (bfd_vma memaddr, struct disassemble_info *info)
 {
-  bfd_byte packet[8];
+  bfd_byte packet[RISCV_MAX_INSN_LEN];
   insn_t insn = 0;
   bfd_vma dump_size;
   int status;
-- 
2.34.1