From f063f747c21548329170fd09fd09d391b2277aed Mon Sep 17 00:00:00 2001
From: iximeow
Date: Thu, 16 Dec 2021 19:58:15 -0800
Subject: displacements are stored as unsigned, but are functionally signed ints so multiplying to expand EVEX compressed offsets can overflow, and that needs to be okay.
---
test/long_mode/mod.rs | 6 ++++++
test/protected_mode/mod.rs | 6 ++++++
test/real_mode/mod.rs | 6 ++++++
3 files changed, 18 insertions(+)
(limited to 'test')
diff --git a/test/long_mode/mod.rs b/test/long_mode/mod.rs
index 1efa74e..ee0ab4e 100644
--- a/test/long_mode/mod.rs
+++ b/test/long_mode/mod.rs
@@ -3390,3 +3390,9 @@ fn test_sevsnp() {
 fn from_llvm() {
 test_display(&[0xf3, 0x0f, 0x3a, 0xf0, 0xc0, 0x01], "hreset 0x1");
 }
+
+#[test]
+fn from_reports() {
+ // negative compressed evex displacements should not overflow and panic
+ test_display(&[0x62, 0xf2, 0x6d, 0xac, 0x00, 0x59, 0xa7], "vpshufb ymm3{k4}{z}, ymm2, ymmword [rcx - 0xb20]");
+}
diff --git a/test/protected_mode/mod.rs b/test/protected_mode/mod.rs
index 4b8ca8d..70dfb78 100644
--- a/test/protected_mode/mod.rs
+++ b/test/protected_mode/mod.rs
@@ -3077,3 +3077,9 @@ fn test_sevsnp() {
 fn from_llvm() {
 test_display(&[0xf3, 0x0f, 0x3a, 0xf0, 0xc0, 0x01], "hreset 0x1");
 }
+
+#[test]
+fn from_reports() {
+ // negative compressed evex displacements should not overflow and panic
+ test_display(&[0x62, 0xf2, 0x6d, 0xac, 0x00, 0x59, 0xa7], "vpshufb ymm3{k4}{z}, ymm2, ymmword [ecx - 0xb20]");
+}
diff --git a/test/real_mode/mod.rs b/test/real_mode/mod.rs
index 6dcc3a2..b13358a 100644
--- a/test/real_mode/mod.rs
+++ b/test/real_mode/mod.rs
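Review bot: The new `from_reports` test in test/long_mode/mod.rs pins only one negative disp8 value, and its comment does not show the arithmetic that overflowed; the copies in test/protected_mode/mod.rs and test/real_mode/mod.rs have the same gap. I would extend the comment to `// disp8 0xa7 sign-extends to -89; EVEX disp8*N scales it by 32 (ymmword) to -0xb20, which must wrap rather than panic`, so a reader can see why these bytes were the trigger. A decoder panic on crafted bytes is a denial of service for any tool that disassembles untrusted input, so a boundary case is worth adding next to it, for example the same bytes with disp8 `0x80`, which I would expect to render as `[rcx - 0x1000]` (expected string inferred from the scaling, not checked against the decoder). The arithmetic change itself is not visible here, since this view is limited to 'test'.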
@@ -18362,3 +18362,9 @@ fn test_invalid_sequences() {
 test_invalid(&[0xf3, 0xf2, 0x0f, 0xae, 0x8f, 0x54, 0x3c, 0x58, 0xb7]);
 test_invalid(&[0xff, 0xd8]);
 }
+
+#[test]
+fn from_reports() {
+ // negative compressed evex displacements should not overflow and panic
+ test_display(&[0x62, 0xf2, 0x6d, 0xac, 0x00, 0x59, 0xa7], "vpshufb ymm3{k4}{z}, ymm2, ymmword [bx + di - 0xb20]");
+}
--
cgit v1.1