[Qemu-trivial] [PATCH for-3.1 1/2] i386: hvf: Fix overrun of _decode_tbl1
From: Roman Bolshakov
Subject: [Qemu-trivial] [PATCH for-3.1 1/2] i386: hvf: Fix overrun of _decode_tbl1
Date: Mon, 3 Dec 2018 13:04:14 +0300
Single opcode instructions in ff group were incorrectly processed
because an overrun of _decode_tbl1[0xff] resulted in access of
_decode_tbl2[0x0]. Thus, decode_sldtgroup was called instead of
decode_ffgroup:
7d71: decode_sldtgroup: 1
Unimplemented handler (7d71) for 108 (ff 0)
While at it, correct the maximum length for _decode_tbl2 and _decode_tbl3.
Signed-off-by: Roman Bolshakov <address@hidden>
---
target/i386/hvf/x86_decode.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/target/i386/hvf/x86_decode.c b/target/i386/hvf/x86_decode.c
index 2e33b69541..d125a6ef83 100644
--- a/target/i386/hvf/x86_decode.c
+++ b/target/i386/hvf/x86_decode.c
@@ -454,9 +454,9 @@ struct decode_x87_tbl {
struct decode_tbl invl_inst = {0x0, 0, 0, false, NULL, NULL, NULL, NULL,
decode_invalid};
-struct decode_tbl _decode_tbl1[255];
-struct decode_tbl _decode_tbl2[255];
-struct decode_x87_tbl _decode_tbl3[255];
+struct decode_tbl _decode_tbl1[256];
+struct decode_tbl _decode_tbl2[256];
+struct decode_x87_tbl _decode_tbl3[256];
static void decode_x87_ins(CPUX86State *env, struct x86_decode *decode)
{
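Review bot: the three arrays are indexed by a full opcode byte (0x00..0xff per the commit message), so 256 is the correct size and the old 255 left the 0xff slot reading past the end into the next table; three bare `256` literals, however, leave the same off-by-one easy to reintroduce, so consider a single named constant (e.g. `#define DECODE_TBL_SIZE 256`, assumed name) used for all three declarations, and confirm that the code which populates and looks up these tables (not in this hunk) is bounded by the same constant rather than a separate hard-coded 255.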
--
2.17.2 (Apple Git-113)