RISC-V: avoid buffer underrun in subset parsing
The patch prevents a potential buffer underrun during RISC-V ISA extension parsing.
This patch fixes a potential buffer underrun vulnerability in the RISC-V assembler’s ISA extension parsing logic. When checking for the ‘p’ suffix on extension names, the code could read before the beginning of the buffer. The patch adjusts the checks so that the code never accesses memory outside the allocated buffer, resolving the vulnerability.
- contributor
Agrees with the patch, which addresses a potential buffer underrun.
“In both instances 'p' can be the first character. Inspecting the character immediately ahead of it is then UB.”
In Details
This patch addresses a buffer underrun in the RISC-V assembler's subset parsing logic. Buffer underruns are a type of memory safety vulnerability that can lead to crashes or even arbitrary code execution. The fix ensures that the code only accesses valid memory locations.
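The boundary case described above, as an added C example that is not the binutils code: a hypothetical suffix check in its unchecked and bounds-checked forms. The function names, the digit test on the character before 'p', and the sample names are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers, not the binutils code.  Both report whether NAME
   ends in a 'p' that directly follows a digit; the digit test is an
   assumption made for this illustration.  */

/* Before: for NAME == "p" the 'p' is the first character, so
   name[len - 2] is name[-1], one byte in front of the buffer.  */
bool
ends_with_digit_p_unchecked (const char *name)
{
  size_t len = strlen (name);
  return len > 0
         && name[len - 1] == 'p'
         && isdigit ((unsigned char) name[len - 2]);
}

/* After: a 'p' at index 0 has no predecessor, so refuse to look.  */
bool
ends_with_digit_p (const char *name)
{
  size_t len = strlen (name);
  if (len < 2)
    return false;
  return name[len - 1] == 'p'
         && isdigit ((unsigned char) name[len - 2]);
}

int
main (void)
{
  /* Constructed names; "p" and "" are the boundary cases.  */
  const char *samples[] = { "xfoo1p", "xfoop", "1p", "p", "" };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
    printf ("\"%s\" -> %d\n", samples[i], ends_with_digit_p (samples[i]));
  /* The unchecked form is only called on input where it is defined.  */
  printf ("unchecked \"xfoo1p\" -> %d\n",
          ends_with_digit_p_unchecked ("xfoo1p"));
  return 0;
}
```

Building the unchecked form with AddressSanitizer and passing it a heap copy of "p" makes the out-of-bounds read visible as a reported error.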
For Context
This patch fixes a potential security vulnerability in the RISC-V assembler. The vulnerability, called a buffer underrun, could occur when the assembler is parsing the list of supported instruction set extensions. By carefully checking the boundaries of the data being processed, the patch prevents the assembler from accidentally reading data from outside of the allocated memory, thus preventing crashes or potential malicious exploitation.