x86: fix Out-of-bounds read error in is16BitEquivalent(). issue reported by Coverity

10 years ago · c96f1b06b2
parent 9bf1b87a66
commit c96f1b06b2
3 changed files with 4 additions and 8 deletions
--- a/arch/AArch64/AArch64InstPrinter.c
+++ b/arch/AArch64/AArch64InstPrinter.c
@ -1342,9 +1342,6 @@ static void printMemExtend(MCInst *MI, unsigned OpNum, SStream *O, char SrcRegKi
 					case 'w':
 							 MI->flat_insn->detail->arm64.operands[MI->flat_insn->detail->arm64.op_count].ext = ARM64_EXT_UXTW;
 							 break;
-					case 'x':
-							 MI->flat_insn->detail->arm64.operands[MI->flat_insn->detail->arm64.op_count].ext = ARM64_EXT_UXTX;
-							 break;
 				}
 			} else {
 					switch(SrcRegKind) {
--- a/arch/Mips/MipsDisassembler.c
+++ b/arch/Mips/MipsDisassembler.c
@ -468,7 +468,7 @@ static DecodeStatus DecodeINSVE_DF_4(MCInst *MI, uint32_t insn,
 	//assert(NSize != 0 && RegDecoder != nullptr);

 	if (RegDecoder == NULL)
-		return;
+		return MCDisassembler_Fail;

 	// $wd
 	tmp = fieldFromInstruction(insn, 6, 5);
--- a/arch/X86/X86DisassemblerDecoder.c
+++ b/arch/X86/X86DisassemblerDecoder.c
@ -959,14 +959,13 @@ static bool is16BitEquivalent(unsigned orig, unsigned equiv)
 	size_t i;
 	uint16_t idx;

-	if ((idx = x86_16_bit_eq_lookup[orig]) != 0)
-	{
-		for (i = idx - 1; x86_16_bit_eq_tbl[i].first == orig && i < ARR_SIZE(x86_16_bit_eq_tbl); ++i)
-		{
+	if ((idx = x86_16_bit_eq_lookup[orig]) != 0) {
+		for (i = idx - 1; i < ARR_SIZE(x86_16_bit_eq_tbl) && x86_16_bit_eq_tbl[i].first == orig; i++) {
 			if (x86_16_bit_eq_tbl[i].second == equiv)
 				return true;
 		}
 	}
+
 	return false;
 }