From 06de2e0da24a0f0fdc9b38f8308ec909453c4ee8 Mon Sep 17 00:00:00 2001 From: Alan Modra Date: Mon, 31 Aug 2020 17:34:39 +0930 Subject: [PATCH] PR26510 UBSAN: tc-z8k.c left shift of negative value This also fixes the packing of the nibble buffer, which contains rubbish in the top 4 bits of each element. PR 26510 * config/tc-z8k.c (buffer): Use unsigned char. (apply_fix): Use unsigned char* pointers. (build_bytes): Likewise and mask nibbles when packing. --- gas/ChangeLog | 7 +++++++ gas/config/tc-z8k.c | 16 ++++++++-------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/gas/ChangeLog b/gas/ChangeLog index 8642101aea..80df2b32ca 100644 --- a/gas/ChangeLog +++ b/gas/ChangeLog @@ -1,3 +1,10 @@ +2020-08-31 Alan Modra + + PR 26510 + * config/tc-z8k.c (buffer): Use unsigned char. + (apply_fix): Use unsigned char* pointers. + (build_bytes): Likewise and mask nibbles when packing. + 2020-08-31 Alan Modra PR 26503 diff --git a/gas/config/tc-z8k.c b/gas/config/tc-z8k.c index 60e1d05cdb..58a69f63e5 100644 --- a/gas/config/tc-z8k.c +++ b/gas/config/tc-z8k.c @@ -953,7 +953,7 @@ get_specific (opcode_entry_type *opcode, op_type *operands) return 0; } -static char buffer[20]; +static unsigned char buffer[20]; static void newfix (int ptr, bfd_reloc_code_real_type type, int size, expressionS *operand) @@ -984,9 +984,9 @@ newfix (int ptr, bfd_reloc_code_real_type type, int size, expressionS *operand) } } -static char * -apply_fix (char *ptr, bfd_reloc_code_real_type type, expressionS *operand, - int size) +static unsigned char * +apply_fix (unsigned char *ptr, bfd_reloc_code_real_type type, + expressionS *operand, int size) { long n = operand->X_add_number; @@ -1020,7 +1020,7 @@ apply_fix (char *ptr, bfd_reloc_code_real_type type, expressionS *operand, static void build_bytes (opcode_entry_type *this_try, struct z8k_op *operand ATTRIBUTE_UNUSED) { - char *output_ptr = buffer; + unsigned char *output_ptr = buffer; int c; int nibble; unsigned int *class_ptr; @@ -1183,12 +1183,12 @@ build_bytes (opcode_entry_type *this_try, struct z8k_op *operand ATTRIBUTE_UNUSE /* Copy from the nibble buffer into the frag. */ { int length = (output_ptr - buffer) / 2; - char *src = buffer; - char *fragp = frag_more (length); + unsigned char *src = buffer; + unsigned char *fragp = (unsigned char *) frag_more (length); while (src < output_ptr) { - *fragp = (src[0] << 4) | src[1]; + *fragp = ((src[0] & 0xf) << 4) | (src[1] & 0xf); src += 2; fragp++; } -- 2.34.1