[PATCH] target/tricore: Fix out-of-bounds index in imask instruction

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] target/tricore: Fix out-of-bounds index in imask instruction

From:	Siqi Chen
Subject:	[PATCH] target/tricore: Fix out-of-bounds index in imask instruction
Date:	Mon, 12 Jun 2023 14:56:33 +0800

When translating  "imask" instruction of Tricore architecture, QEMU did not 
check whether the register index was out of bounds, resulting in a 
global-buffer-overflow.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1698
Reported-by: Siqi Chen <coc.cyqh@gmail.com>
Signed-off-by: Siqi Chen <coc.cyqh@gmail.com>
---
 target/tricore/translate.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index cd33a1dcdd..3b8d3f53ee 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -5331,6 +5331,7 @@ static void decode_rcrw_insert(DisasContext *ctx)
 
     switch (op2) {
     case OPC2_32_RCRW_IMASK:
+        CHECK_REG_PAIR(r4);
         tcg_gen_andi_tl(temp, cpu_gpr_d[r3], 0x1f);
         tcg_gen_movi_tl(temp2, (1 << width) - 1);
         tcg_gen_shl_tl(cpu_gpr_d[r4 + 1], temp2, temp);
-- 
2.34.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] target/tricore: Fix out-of-bounds index in imask instruction, Siqi Chen <=
- Re: [PATCH] target/tricore: Fix out-of-bounds index in imask instruction, Bastian Koppelmann, 2023/06/12

Prev by Date: Re: [PATCH v3 2/6] target/riscv: support the AIA device emulation with KVM enabled
Next by Date: RE: [PATCH] udmabuf: revert 'Add support for mapping hugepages (v4)'
Previous by thread: Re: [RFC 0/2] migration: Update error description outside migration.c
Next by thread: Re: [PATCH] target/tricore: Fix out-of-bounds index in imask instruction
Index(es):
- Date
- Thread