yuzu/unicorn
1
0
Fork 0
mirror of https://github.com/yuzu-emu/unicorn.git synced 2024-12-22 14:15:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

target/i386: Verify memory operand for lcall and ljmp

Browse source 
These two opcodes only allow a memory operand.

Lacking the check for a register operand, we used the A0 temp
without initialization, which led to a tcg abort.

Backports 10b8eb94c0902b58d83df84a9eeae709a3480e82
This commit is contained in:
Richard Henderson 2021-04-01 16:03:57 -04:00 committed by Lioncash
parent 0a648854a8
commit 988bf2f458
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
qemu/target/i386/translate.c
View file

@ -5596,6 +5596,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_jr(s, s->T0);
break;
case 3: /* lcall Ev */
if (mod == 3) {
goto illegal_op;
}
gen_op_ld_v(s, ot, s->T1, s->A0);
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
@ -5623,6 +5626,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_jr(s, s->T0);
break;
case 5: /* ljmp Ev */
if (mod == 3) {
goto illegal_op;
}
gen_op_ld_v(s, ot, s->T1, s->A0);
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);