commit 6498602e151d782f2845d91f26bd9954abb9b399
parent 61dcd8b5073dbacdfcb6ea906eb2e99c6c3a6b92
Author: Drew DeVault <sir@cmpwn.com>
Date: Fri, 13 Aug 2021 09:11:15 +0200
gen: check bounds on insert
Signed-off-by: Drew DeVault <sir@cmpwn.com>
Diffstat:
1 file changed, 12 insertions(+), 0 deletions(-)
diff --git a/src/gen.c b/src/gen.c
@@ -1592,6 +1592,18 @@ gen_expr_insert(struct gen_context *ctx, const struct expression *expr)
struct qbe_value len = mkqtmp(ctx, ctx->arch.sz, ".%d");
pushi(ctx->current, &len, load, &lenptr, NULL);
+ struct qbe_value valid = mkqtmp(ctx, &qbe_word, ".%d");
+ pushi(ctx->current, &valid, Q_CULEL, &qindex, &len, NULL);
+
+ struct qbe_statement linvalid, lvalid;
+ struct qbe_value binvalid = mklabel(ctx, &linvalid, ".%d");
+ struct qbe_value bvalid = mklabel(ctx, &lvalid, ".%d");
+
+ pushi(ctx->current, NULL, Q_JNZ, &valid, &bvalid, &binvalid, NULL);
+ push(&ctx->current->body, &linvalid);
+ gen_fixed_abort(ctx, expr->loc, ABORT_OOB);
+ push(&ctx->current->body, &lvalid);
+
size_t args = 0;
for (struct append_values *value = expr->insert.values;
value; value = value->next) {
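Review bot: The bounds check at `pushi(ctx->current, &valid, Q_CULEL, &qindex, &len, NULL);` carries no comment explaining why it is `<=` rather than the `<` an ordinary index check would use, and that is the detail most likely to be "corrected" or copied into the wrong place later. I would add `/* index == len is allowed: insert at the end of the slice; the unsigned compare also rejects a negative index */` above it. Q_CULEL is a 64-bit unsigned comparison while `len` is created with `ctx->arch.sz`, so the check presumably relies on `qindex` already being widened to that size; `qindex` is produced outside the hunk, so this is worth confirming. `len` is also loaded and checked before the loop over `expr->insert.values`, so if generating those values can change the slice, the checked length may be stale by the time the insert happens. The body of gen_expr_insert starts before and continues after this hunk.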