diff options
| author | Peter Maydell | 2017-03-03 16:50:33 +0100 |
|---|---|---|
| committer | Peter Maydell | 2017-03-07 15:33:51 +0100 |
| commit | 43c227f9dd7945bb4a895f841ecdb957bd8a12da (patch) | |
| tree | 7d0b763a64df2d45bcf95ca28a7d434de63a2229 /disas | |
| parent | disas/cris: Avoid unintended sign extension (diff) | |
| download | qemu-43c227f9dd7945bb4a895f841ecdb957bd8a12da.tar.gz qemu-43c227f9dd7945bb4a895f841ecdb957bd8a12da.tar.xz qemu-43c227f9dd7945bb4a895f841ecdb957bd8a12da.zip | |
disas/arm: Avoid unintended sign extension
When assembling 'given' from the instruction bytes, C's integer
promotion rules mean we may promote an unsigned char to a signed
integer before shifting it, and then sign extend to a 64-bit long,
which can set the high bits of the long. The code doesn't in fact
care about the high bits if the long is 64 bits, but this is
surprising, so don't do it.
(Spotted by Coverity, CID 1005404.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1488556233-31246-7-git-send-email-peter.maydell@linaro.org
Diffstat (limited to 'disas')
| -rw-r--r-- | disas/arm.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/disas/arm.c b/disas/arm.c index 93c650344c..27396dd3e1 100644 --- a/disas/arm.c +++ b/disas/arm.c @@ -3901,9 +3901,9 @@ print_insn_arm (bfd_vma pc, struct disassemble_info *info) status = info->read_memory_func (pc, (bfd_byte *)b, 4, info); if (little) - given = (b[0]) | (b[1] << 8) | (b[2] << 16) | (b[3] << 24); + given = (b[0]) | (b[1] << 8) | (b[2] << 16) | ((unsigned)b[3] << 24); else - given = (b[3]) | (b[2] << 8) | (b[1] << 16) | (b[0] << 24); + given = (b[3]) | (b[2] << 8) | (b[1] << 16) | ((unsigned)b[0] << 24); } else { |