From patchwork Fri Mar  3 15:50:29 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 94849
Delivered-To: patches@linaro.org
Received: by 10.182.3.34 with SMTP id 2csp274245obz;
 Fri, 3 Mar 2017 07:50:37 -0800 (PST)
X-Received: by 10.28.104.6 with SMTP id d6mr3585794wmc.79.1488556237807;
 Fri, 03 Mar 2017 07:50:37 -0800 (PST)
Return-Path: <pm215@archaic.org.uk>
Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2])
 by mx.google.com with ESMTPS id
 l200si3390980wmd.149.2017.03.03.07.50.37 for <patches@linaro.org>
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Fri, 03 Mar 2017 07:50:37 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted
 sender) client-ip=2001:8b0:1d0::2; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain of
 pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted
 sender) smtp.mailfrom=pm215@archaic.org.uk; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from pm215 by orth.archaic.org.uk with local (Exim 4.84_2)
 (envelope-from <pm215@archaic.org.uk>)
 id 1cjpTX-0006DP-Bd; Fri, 03 Mar 2017 15:50:35 +0000
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, "Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
 Richard Henderson <rth@twiddle.net>, Paolo Bonzini <pbonzini@redhat.com>,
 Eduardo Habkost <ehabkost@redhat.com>, Laurent Vivier <laurent@vivier.eu>
Subject: [PATCH for-2.9 2/6] disas/i386: Avoid NULL pointer dereference in
 error case
Date: Fri,  3 Mar 2017 15:50:29 +0000
Message-Id: <1488556233-31246-3-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1488556233-31246-1-git-send-email-peter.maydell@linaro.org>
References: <1488556233-31246-1-git-send-email-peter.maydell@linaro.org>

In a code path where we hit an internal disassembler error, execution
would subsequently attempt to dereference a NULL pointer.  This
should never happen, but avoid the crash.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 disas/i386.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.7.4

diff --git a/disas/i386.c b/disas/i386.c
index 07f871f..f1e376c 100644
--- a/disas/i386.c
+++ b/disas/i386.c
@@ -4043,7 +4043,7 @@ print_insn (bfd_vma pc, disassemble_info *info)
 	    }
 	}
 
-      if (putop (dp->name, sizeflag) == 0)
+      if (dp->name != NULL && putop (dp->name, sizeflag) == 0)
         {
 	  for (i = 0; i < MAX_OPERANDS; ++i)
 	    {