From 7c23a1e805b2a9f41b1e9c6e7edd989ea3033be2 Mon Sep 17 00:00:00 2001
From: Peter Johnson
Date: Fri, 3 Dec 2004 06:09:30 +0000
Subject: [PATCH] Fix free-before-use case in x86 finalize code.

Bytecode transformation deletes the old bytecode, so it's not safe to use anything from the old bytecode after this point (such as the prefixes array passed to arch finalize).

* x86bc.c (yasm_x86__bc_apply_prefixes): Take x86_common as parameter rather than bytecode; add line parameter instead of referencing bc->line.
* x86arch.h (yasm_x86__bc_apply_prefixes): Likewise.
* x86id.re (x86_finalize_jmpfar, x86_finalize_jmp) (yasm_x86__finalize_insn): Apply prefixes before bytecode transform.

svn path=/trunk/yasm/; revision=1186
---
 modules/arch/x86/x86arch.h | 3 ++-
 modules/arch/x86/x86bc.c | 7 +++----
 modules/arch/x86/x86id.re | 12 +++++++++---
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/modules/arch/x86/x86arch.h b/modules/arch/x86/x86arch.h
index 1d712525..b89b3b19 100644
--- a/modules/arch/x86/x86arch.h
+++ b/modules/arch/x86/x86arch.h
@@ -231,7 +231,8 @@ void yasm_x86__bc_transform_jmp(yasm_bytecode *bc, x86_jmp *jmp);
 void yasm_x86__bc_transform_jmpfar(yasm_bytecode *bc, x86_jmpfar *jmpfar);
 void yasm_x86__bc_apply_prefixes
- (yasm_bytecode *bc, int num_prefixes, unsigned long **prefixes);
+ (x86_common *common, int num_prefixes, unsigned long **prefixes,
+ unsigned long line);
 void yasm_x86__ea_init(yasm_effaddr *ea, unsigned int spare,
 /*@null@*/ yasm_symrec *origin);
diff --git a/modules/arch/x86/x86bc.c b/modules/arch/x86/x86bc.c
index 2d1d4fd3..cce71e71 100644
--- a/modules/arch/x86/x86bc.c
+++ b/modules/arch/x86/x86bc.c
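Review bot: The new prototype of yasm_x86__bc_apply_prefixes has no comment, yet its contract changed in a way every caller must know: `common` is now supplied by the caller rather than derived from the bytecode, and `line` exists only to feed diagnostics. A comment above the declaration would pin that down, e.g. `/* Apply num_prefixes parsed prefixes to common, the x86_common header of an x86 contents struct; line is the source line used for warnings. Call this before the bytecode is transformed, since (per this commit) the transform frees the old contents. */`. This is the only hunk in x86arch.h, so the surrounding declarations are visible only as context.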
@@ -270,17 +270,16 @@ yasm_x86__ea_create_imm(yasm_expr *imm, unsigned int im_len)
 /*@=compmempass@*/
 void
-yasm_x86__bc_apply_prefixes(yasm_bytecode *bc, int num_prefixes,
- unsigned long **prefixes)
+yasm_x86__bc_apply_prefixes(x86_common *common, int num_prefixes,
+ unsigned long **prefixes, unsigned long line)
 {
- x86_common *common = (x86_common *)bc->contents;
 int i;
 for (i=0; ilockrep_pre != 0)
- yasm__warning(YASM_WARN_GENERAL, bc->line,
+ yasm__warning(YASM_WARN_GENERAL, line,
 N_("multiple LOCK or REP prefixes, using leftmost"));
 common->lockrep_pre = (unsigned char)prefixes[i][1];
 break;
diff --git a/modules/arch/x86/x86id.re b/modules/arch/x86/x86id.re
index d96aeef6..e4e7fe6f 100644
--- a/modules/arch/x86/x86id.re
+++ b/modules/arch/x86/x86id.re
@@ -1754,9 +1754,11 @@ x86_finalize_jmpfar(yasm_arch *arch, yasm_bytecode *bc,
 yasm_internal_error(N_("didn't get FAR expression in jmpfar"));
 }
+ yasm_x86__bc_apply_prefixes((x86_common *)jmpfar, num_prefixes, prefixes,
+ bc->line);
+
 /* Transform the bytecode */
 yasm_x86__bc_transform_jmpfar(bc, jmpfar);
- yasm_x86__bc_apply_prefixes(bc, num_prefixes, prefixes);
 }
 static void
@@ -1856,9 +1858,11 @@ x86_finalize_jmp(yasm_arch *arch, yasm_bytecode *bc, yasm_bytecode *prev_bc,
 yasm__error(bc->line, N_("no NEAR form of that jump instruction exists"));
+ yasm_x86__bc_apply_prefixes((x86_common *)jmp, num_prefixes, prefixes,
+ bc->line);
+
 /* Transform the bytecode */
 yasm_x86__bc_transform_jmp(bc, jmp);
- yasm_x86__bc_apply_prefixes(bc, num_prefixes, prefixes);
 }
 void
@@ -2420,9 +2424,11 @@ yasm_x86__finalize_insn(yasm_arch *arch, yasm_bytecode *bc,
 } else insn->imm = NULL;
+ yasm_x86__bc_apply_prefixes((x86_common *)insn, num_prefixes, prefixes,
+ bc->line);
+
 /* Transform the bytecode */
 yasm_x86__bc_transform_insn(bc, insn);
- yasm_x86__bc_apply_prefixes(bc, num_prefixes, prefixes);
 }
-- 
2.40.0
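Review bot: The warning on the changed line says "using leftmost", but the assignment that follows it in the context, `common->lockrep_pre = (unsigned char)prefixes[i][1];`, runs unconditionally, so the last LOCK/REP prefix in the array wins unless the array is ordered right-to-left; if left-to-right order is intended, guard the store, e.g. `if (common->lockrep_pre == 0) common->lockrep_pre = (unsigned char)prefixes[i][1];` with the warning in the other branch, or change the message. The loop header is mangled in this rendering, so the exact control structure is inferred from the surviving lines. The body of yasm_x86__bc_apply_prefixes continues past the end of the hunk.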
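Review bot: The new call casts `jmpfar` to `x86_common *` (and the x86_finalize_jmp and yasm_x86__finalize_insn hunks do the same with `jmp` and `insn`), which is only valid if `x86_common` is the first member of each of those contents structs; nothing in these hunks documents or checks that layout dependency. A one-line comment at each call site, such as `/* x86_common must be the first member of x86_jmpfar (see x86arch.h) */`, or on the struct definitions themselves, would make the requirement explicit. Applying the prefixes before the transform matches the commit's stated intent, and reading `bc->line` here is fine provided the transform replaces only the bytecode's contents and not `bc` itself, which cannot be confirmed from these hunks. Each enclosing function starts before its hunk.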