Fix buffer overrun looking up type information for op_lab pseudoops (as

they're not EM opcodes, we shouldn't look them up in em_flags!).
2013-05-16 22:02:59 +01:00 · 2013-05-16 22:02:59 +01:00 · e5f6d5acfa
commit e5f6d5acfa
parent f70f78b6e4
1 changed files with 7 additions and 0 deletions
--- a/mach/proto/ncg/nextem.c
+++ b/mach/proto/ncg/nextem.c
@ -87,6 +87,13 @@ extern char em_flag[];

 argtyp(mn) {

+	/* op_lab is a special opcode which represents a label definition. It's
+	 * not actually a real EM instruction. Therefore if we try to look it
+	 * up in em_flag, we'll get a buffer overrun... */
+
+	if (mn == op_lab)
+		return EV_UNDEF;
+
 	switch(em_flag[mn-sp_fmnem]&EM_PAR) {
 	case PAR_W:
 	case PAR_S: