From patchwork Fri Mar 3 15:50:31 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 94855 Delivered-To: patches@linaro.org Received: by 10.182.3.34 with SMTP id 2csp274278obz; Fri, 3 Mar 2017 07:50:41 -0800 (PST) X-Received: by 10.98.201.77 with SMTP id k74mr4374395pfg.74.1488556241310; Fri, 03 Mar 2017 07:50:41 -0800 (PST) Return-Path: Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by mx.google.com with ESMTPS id c10si10959800pfj.210.2017.03.03.07.50.40 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Mar 2017 07:50:41 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted sender) client-ip=2001:8b0:1d0::2; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of pm215@archaic.org.uk designates 2001:8b0:1d0::2 as permitted sender) smtp.mailfrom=pm215@archaic.org.uk; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from pm215 by orth.archaic.org.uk with local (Exim 4.84_2) (envelope-from ) id 1cjpTY-0006Dl-E9; Fri, 03 Mar 2017 15:50:36 +0000 From: Peter Maydell To: qemu-devel@nongnu.org Cc: patches@linaro.org, "Edgar E. Iglesias" , Richard Henderson , Paolo Bonzini , Eduardo Habkost , Laurent Vivier Subject: [PATCH for-2.9 4/6] disas/microblaze: Avoid unintended sign extension Date: Fri, 3 Mar 2017 15:50:31 +0000 Message-Id: <1488556233-31246-5-git-send-email-peter.maydell@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1488556233-31246-1-git-send-email-peter.maydell@linaro.org> References: <1488556233-31246-1-git-send-email-peter.maydell@linaro.org> In read_insn_microblaze() we assemble 4 bytes into an 'unsigned long'. If 'unsigned long' is 64 bits and the high byte has its top bit set, then C's implicit conversion from 'unsigned char' to 'int' for the shift will result in an unintended sign extension which sets the top 32 bits in 'inst'. Add casts to prevent this. (Spotted by Coverity, CID 1005401.) Signed-off-by: Peter Maydell --- disas/microblaze.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) -- 2.7.4 Reviewed-by: Edgar E. Iglesias diff --git a/disas/microblaze.c b/disas/microblaze.c index 91b30ac..407c0a3 100644 --- a/disas/microblaze.c +++ b/disas/microblaze.c @@ -748,9 +748,11 @@ read_insn_microblaze (bfd_vma memaddr, } if (info->endian == BFD_ENDIAN_BIG) - inst = (ibytes[0] << 24) | (ibytes[1] << 16) | (ibytes[2] << 8) | ibytes[3]; + inst = ((unsigned)ibytes[0] << 24) | (ibytes[1] << 16) + | (ibytes[2] << 8) | ibytes[3]; else if (info->endian == BFD_ENDIAN_LITTLE) - inst = (ibytes[3] << 24) | (ibytes[2] << 16) | (ibytes[1] << 8) | ibytes[0]; + inst = ((unsigned)ibytes[3] << 24) | (ibytes[2] << 16) + | (ibytes[1] << 8) | ibytes[0]; else abort ();