binutils Newspaper
JUNE 15, 2026
risc-v

Avoid buffer underrun in subset parsing

The RISC-V ISA extension parser now adds boundary checks to prevent buffer underruns; the same commit also corrects indentation.

This commit fixes a potential buffer underrun vulnerability in the RISC-V ISA extension parsing logic by adding explicit boundary checks. The previous code could attempt to access memory before the start of a buffer when validating extension names, which is undefined behavior. The fix adds q > subset checks before dereferencing *(q - 1) or *(q - 2). Indentation issues were also corrected to improve readability and maintainability.

In Details

In the RISC-V BFD backend, the riscv_parse_extensions() and riscv_update_subset1() functions in bfd/elfxx-riscv.c are responsible for parsing architecture subset strings, such as those provided by -march. This commit addresses a potential buffer underrun when checking for invalid extension formats like <number>p. Specifically, it adds a q > subset check to ensure that neither q - 1 nor q - 2 accesses memory before the subset buffer, which could lead to undefined behavior. This makes the parser more robust against malformed input, preventing potential crashes or exploits.
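The look-back pattern described above, as a simplified stand-alone illustration added here; it is not the code from bfd/elfxx-riscv.c. The function names, the sample extension names and the length-based form of the guard are assumptions made for the example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not taken from binutils.
   subset: start of the extension-name buffer.
   q:      one past the last character of the name being validated.
   Returns 1 when the name ends in "<number>p" (an invalid form), else 0.  */
static int
ends_with_number_p (const char *subset, const char *q)
{
  /* Number of characters that may legally be read behind q.  */
  ptrdiff_t len = q - subset;

  /* The unguarded test would be
       *(q - 1) == 'p' && isdigit (*(q - 2))
     which reads subset[-1] when len is 0, and again when len is 1
     and the single character is 'p'.  */
  if (len < 1 || *(q - 1) != 'p')
    return 0;
  if (len < 2)
    return 0;
  return isdigit ((unsigned char) *(q - 2)) != 0;
}

/* Convenience wrapper for a whole NUL-terminated name.  */
static int
name_is_invalid (const char *name)
{
  return ends_with_number_p (name, name + strlen (name));
}

int
main (void)
{
  /* Constructed sample inputs, including the zero- and one-character
     edge cases where the look-back would leave the buffer.  */
  const char *samples[] = { "", "p", "zba", "xfoo2p", "1p", "xp" };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
    printf ("%-8s -> %s\n", *samples[i] ? samples[i] : "(empty)",
            name_is_invalid (samples[i]) ? "rejected" : "accepted");
  return 0;
}
```

Building the unguarded form with -fsanitize=address and feeding it the empty or one-character inputs is a quick way to confirm that a check of this kind is needed.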

For Context

When you tell a compiler or assembler to target a specific RISC-V processor, you might provide a string that describes the exact features (or 'extensions') your program will use. This commit fixes a safety issue in the Binutils tools that interpret this string. Previously, if the string was crafted in a specific way, the tool could try to read data from before the start of its designated memory area, which is a common cause of crashes or security vulnerabilities. This fix adds checks to ensure the tool always reads within its proper bounds, like making sure you don't accidentally try to read before the first line of a page in a book. It also cleans up some formatting to make the code easier to read.

Filed Under: risc-v, bugfix, security, parser