(unsigned long) p_highpc));
for (pc = p_lowpc; pc < p_highpc; pc += length)
{
+ unsigned char *operand;
+
length = 1;
instructp = ((unsigned char *) core_text_space
+ pc - core_text_sect->vma);
*/
DBG (CALLDEBUG,
printf ("[findcall]\t0x%lx:calls", (unsigned long) pc));
- firstmode = vax_operandmode (instructp + length);
+ if (pc - core_text_sect->vma + length >= core_text_sect->size)
+ goto botched;
+ operand = instructp + length;
+ firstmode = vax_operandmode (operand);
switch (firstmode)
{
case literal:
default:
goto botched;
}
- length += vax_operandlength (instructp + length);
- mode = vax_operandmode (instructp + length);
+ length += vax_operandlength (operand);
+ if (pc - core_text_sect->vma + length >= core_text_sect->size)
+ goto botched;
+ operand = instructp + length;
+ mode = vax_operandmode (operand);
DBG (CALLDEBUG,
printf ("\tfirst operand is %s", vax_operandname (firstmode));
printf ("\tsecond operand is %s\n", vax_operandname (mode)));
* [are there others that we miss?,
* e.g. arrays of pointers to functions???]
*/
+ length += vax_operandlength (operand);
+ if (pc - core_text_sect->vma + length > core_text_sect->size)
+ goto botched;
arc_add (parent, &indirectchild, (unsigned long) 0);
- length += vax_operandlength (instructp + length);
continue;
case byterel:
case wordrel:
* check that this is the address of
* a function.
*/
- destpc = pc + vax_offset (instructp + length);
+ length += vax_operandlength (operand);
+ if (pc - core_text_sect->vma + length > core_text_sect->size)
+ goto botched;
+ destpc = pc + vax_offset (operand);
if (hist_check_address (destpc))
{
child = sym_lookup (&symtab, destpc);
* a hit
*/
arc_add (parent, child, (unsigned long) 0);
- length += vax_operandlength (instructp + length);
continue;
}
}
projects / thirdparty / binutils-gdb.git / blobdiff