Usage of uninitialized heap in tic4x_print_cond

Usage of uninitialized heap in tic4x_print_cond

Alan Modra-3
        PR 25319
        * tic4x-dis.c (tic4x_print_cond): Init all of condtable.

diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c
index d9f95c9410..01cfa1e060 100644
--- a/opcodes/tic4x-dis.c
+++ b/opcodes/tic4x-dis.c
@@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info, unsigned int cond)
 
   if (condtable == NULL)
     {
-      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);
+      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);
       for (i = 0; i < tic4x_num_conds; i++)
  condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);
     }
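Review bot: On the added xcalloc line the arguments are in the opposite order to the calloc convention of element count first, then element size; the number of bytes allocated is the same, but xcalloc (32, sizeof (tic4x_cond_t *)) matches the prototype and is what a reader expects. The 32 is still a bare literal, and the loop stores at condtable[tic4x_conds[i].cond] with nothing in this hunk tying .cond to that bound, so a named constant for the table size would make the relationship checkable. Zero-filling only closes the bug if the lookup that follows treats a NULL entry as an unknown condition; that code is outside the visible context and worth confirming in the same change.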

--
Alan Modra
Australia Development Lab, IBM

Re: Usage of uninitialized heap in tic4x_print_cond

Tim Rühsen
On 29.12.19 12:41, Alan Modra wrote:

> PR 25319
> * tic4x-dis.c (tic4x_print_cond): Init all of condtable.
>
> diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c
> index d9f95c9410..01cfa1e060 100644
> --- a/opcodes/tic4x-dis.c
> +++ b/opcodes/tic4x-dis.c
> @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info, unsigned int cond)
>  
>    if (condtable == NULL)
>      {
> -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);
> +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);
>        for (i = 0; i < tic4x_num_conds; i++)
>   condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);
>      }
Sorry for nitpicking, but isn't it xcalloc(nmemb, size)?

Regards, Tim



Re: Usage of uninitialized heap in tic4x_print_cond

Joel Sherrill
In reply to this post by Alan Modra-3
Out of curiosity, is this target actually still in use? The GCC port never
got merged and I doubt TI would sell it for new applications.

FWIW we had an RTEMS port to the c3x/c4x long ago but it was removed about
15 years ago.

--joel

On Sun, Dec 29, 2019, 5:41 AM Alan Modra <[hidden email]> wrote:

>         PR 25319
>         * tic4x-dis.c (tic4x_print_cond): Init all of condtable.
>
> diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c
> index d9f95c9410..01cfa1e060 100644
> --- a/opcodes/tic4x-dis.c
> +++ b/opcodes/tic4x-dis.c
> @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info,
> unsigned int cond)
>
>    if (condtable == NULL)
>      {
> -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);
> +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);
>        for (i = 0; i < tic4x_num_conds; i++)
>         condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);
>      }
>
> --
> Alan Modra
> Australia Development Lab, IBM
>

Re: Usage of uninitialized heap in tic4x_print_cond

Alan Modra-3
In reply to this post by Tim Rühsen
On Sun, Dec 29, 2019 at 05:32:48PM +0100, Tim Rühsen wrote:

> On 29.12.19 12:41, Alan Modra wrote:
> > PR 25319
> > * tic4x-dis.c (tic4x_print_cond): Init all of condtable.
> >
> > diff --git a/opcodes/tic4x-dis.c b/opcodes/tic4x-dis.c
> > index d9f95c9410..01cfa1e060 100644
> > --- a/opcodes/tic4x-dis.c
> > +++ b/opcodes/tic4x-dis.c
> > @@ -277,7 +277,7 @@ tic4x_print_cond (struct disassemble_info *info, unsigned int cond)
> >  
> >    if (condtable == NULL)
> >      {
> > -      condtable = xmalloc (sizeof (tic4x_cond_t *) * 32);
> > +      condtable = xcalloc (sizeof (tic4x_cond_t *), 32);
> >        for (i = 0; i < tic4x_num_conds; i++)
> >   condtable[tic4x_conds[i].cond] = (tic4x_cond_t *)(tic4x_conds + i);
> >      }
>
> Sorry for nitpicking, but isn't it xcalloc(nmemb, size)?

Correct, thanks.  Fixed, not that it matters much.

--
Alan Modra
Australia Development Lab, IBM