Usage of unitialized heap in tic4x_print_cond

Message ID 20191229114121.GE16749@bubble.grove.modra.org
State New
Headers show
Series
  • Usage of unitialized heap in tic4x_print_cond
Related show

Commit Message

Alan Modra Dec. 29, 2019, 11:41 a.m.
PR 25319
	* tic4x-dis.c (tic4x_print_cond): Init all of condtable.


-- 
Alan Modra
Australia Development Lab, IBM

Comments

Tim Rühsen Dec. 29, 2019, 4:32 p.m. | #1
On 29.12.19 12:41, Alan Modra wrote:
> 	PR 25319

> 	* tic4x-dis.c (tic4x_print_cond): Init all of condtable.

> 

> diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c

> index d9f95c9410..01cfa1e060 100644

> --- a/opcodes/tic4x-dis.c

> +++ b/opcodes/tic4x-dis.c

> @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info, unsigned int cond)

>  

>    if (condtable == NULL)

>      {

> -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);

> +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);

>        for (i = 0; i < tic4x_num_conds; i++)

>  	condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);

>      }


Sorry for being nitpicking, but isn't it xcalloc(nmemb, size) ?

Regards, Tim
Joel Sherrill Dec. 29, 2019, 7:36 p.m. | #2
Out of curiosity, is this target actually still in use? The GCC port never
got merged and I doubt TI would sell it for new applications.

FWIW we had an RTEMS port to the c3x/c4x long ago but it was removed about
15 years ago.

--joel

On Sun, Dec 29, 2019, 5:41 AM Alan Modra <amodra@gmail.com> wrote:

>         PR 25319

>         * tic4x-dis.c (tic4x_print_cond): Init all of condtable.

>

> diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c

> index d9f95c9410..01cfa1e060 100644

> --- a/opcodes/tic4x-dis.c

> +++ b/opcodes/tic4x-dis.c

> @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info,

> unsigned int cond)

>

>    if (condtable == NULL)

>      {

> -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);

> +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);

>        for (i = 0; i < tic4x_num_conds; i++)

>         condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);

>      }

>

> --

> Alan Modra

> Australia Development Lab, IBM

>
Alan Modra Dec. 29, 2019, 11:07 p.m. | #3
On Sun, Dec 29, 2019 at 05:32:48PM +0100, Tim Rühsen wrote:
> On 29.12.19 12:41, Alan Modra wrote:

> > 	PR 25319

> > 	* tic4x-dis.c (tic4x_print_cond): Init all of condtable.

> > 

> > diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c

> > index d9f95c9410..01cfa1e060 100644

> > --- a/opcodes/tic4x-dis.c

> > +++ b/opcodes/tic4x-dis.c

> > @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info, unsigned int cond)

> >  

> >    if (condtable == NULL)

> >      {

> > -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);

> > +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);

> >        for (i = 0; i < tic4x_num_conds; i++)

> >  	condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);

> >      }

> 

> Sorry for being nitpicking, but isn't it xcalloc(nmemb, size) ?


Correct, thanks.  Fixed, not that it matters much.

-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c
index d9f95c9410..01cfa1e060 100644
--- a/opcodes/tic4x-dis.c
+++ b/opcodes/tic4x-dis.c
@@ -277,7 +277,7 @@  tic4x_print_cond (struct disassemble_info *info, unsigned int cond)
 
   if (condtable == NULL)
     {
-      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);
+      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);
       for (i = 0; i < tic4x_num_conds; i++)
 	condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);
     }