Commit eec75882 authored by Yonghong Song

[BPF] fix an asan issue when disassembling an illegal instruction

Commit 8e8f1bd7 ("[BPF] Return fail if disassembled insn registers
out of range") tried to fix a segfault when an illegal instruction
is decoded. A test case is added to emulate such an illegal instruction.

The llvm buildbot reported an asan issue with this test case.
  ERROR: AddressSanitizer: global-buffer-overflow on address ...
  decodeMemoryOpValue(llvm::MCInst&, unsigned int, ...)
  llvm::MCDisassembler::DecodeStatus llvm::decodeToMCInst<unsigned long>(...)
  llvm::MCDisassembler::DecodeStatus llvm::decodeInstruction<unsigned long>(...)
  in (anonymous namespace)::BPFDisassembler::getInstruction(...)
  ...

Basically, the fix in Commit 8e8f1bd7 is too late to prevent
the asan. The fix in this patch moved the register number check earlier
during decodeInstruction(). It will return fail for decodeInstruction()
if the register number is out of range.

Note that DecodeGPRRegisterClass() and DecodeGPR32RegisterClass()
already have register number checking, so here we only check
decodeMemoryOpValue().
parent 0af40120
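As an added illustration (not code from this commit or from LLVM), a constructed C++ model of the memory-operand decode path described above: the 4-bit register field can hold 0..15, but the GPR decoder table has only 12 entries, so the range check has to run before the table is indexed. The table contents, the operand bit layout and the DecodeStatus naming are assumptions modeled on the commit message, not the backend's own definitions.

```cpp
#include <cstdint>
#include <cstddef>

// Outcome of decoding one operand (assumed naming, mirroring the two
// MCDisassembler::DecodeStatus results that matter here).
enum DecodeStatus { Fail = 0, Success = 1 };

struct MemOperand {
  unsigned Reg;    // value taken from the register table
  int16_t Offset;  // sign-extended 16-bit displacement
};

// Constructed stand-in for the global GPR decoder table: 12 entries (R0..R11),
// so only register numbers 0..11 are valid indices into it.
static const unsigned GPRDecoderTable[] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11};
static const unsigned NumGPRs = sizeof(GPRDecoderTable) / sizeof(GPRDecoderTable[0]);

// Assumed operand field layout: register number in bits 16..19, offset in bits 0..15.
// Used here to build both legal and illegal operand words for the decoder.
static uint32_t encodeMemOp(unsigned Reg, int16_t Offset) {
  return ((Reg & 0xfu) << 16) | static_cast<uint16_t>(Offset);
}

// Decode a memory operand. A hand-crafted instruction can carry 12..15 in the
// 4-bit register field; rejecting those *before* indexing GPRDecoderTable is
// what turns the global-buffer-overflow into a clean Fail from the decoder.
DecodeStatus decodeMemoryOpValue(uint32_t Insn, MemOperand &Out) {
  unsigned Register = (Insn >> 16) & 0xf;
  if (Register >= NumGPRs)  // 12, 13, 14, 15 would read past the table
    return Fail;
  Out.Reg = GPRDecoderTable[Register];
  Out.Offset = static_cast<int16_t>(Insn & 0xffff);
  return Success;
}
```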