aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMaciej W. Rozycki <macro@mips.com>2018-04-04 02:00:49 +0100
committerMaciej W. Rozycki <macro@mips.com>2018-04-04 02:00:49 +0100
commit707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5 (patch)
tree6891f9d0af2d4393e1eeaf92ef743378ae48174d
parent0cc919dc6abede5e61b9d8234028fba879166088 (diff)
downloadgdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.zip
gdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.tar.gz
gdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.tar.bz2
PR binutils/22875: Visium/ELF: Prevent an out-of-bounds howto table access
Prevent an out-of-bounds `visium_elf_howto_table' table access in `visium_info_to_howto_rela' by using the size of the table rather than R_VISIUM_max to determine the number of entries in the contiguous regular Visium relocation range defined and described in the table. bfd/ * elf32-visium.c (visium_info_to_howto_rela): Correct the range check for `visium_elf_howto_table' table access.
-rw-r--r--bfd/ChangeLog5
-rw-r--r--bfd/elf32-visium.c3
2 files changed, 7 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 8e1df6d..991d11b 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,10 @@
2018-04-04 Maciej W. Rozycki <macro@mips.com>
+ * elf32-visium.c (visium_info_to_howto_rela): Correct the range
+ check for `visium_elf_howto_table' table access.
+
+2018-04-04 Maciej W. Rozycki <macro@mips.com>
+
* elf32-iq2000.c (iq2000_info_to_howto_rela): Correct the range
check for `iq2000_elf_howto_table' table access.
diff --git a/bfd/elf32-visium.c b/bfd/elf32-visium.c
index 3f8d16a..e8f1c4c 100644
--- a/bfd/elf32-visium.c
+++ b/bfd/elf32-visium.c
@@ -25,6 +25,7 @@
#include "libbfd.h"
#include "elf-bfd.h"
#include "elf/visium.h"
+#include "libiberty.h"
static bfd_reloc_status_type visium_elf_howto_parity_reloc
(bfd *, arelent *, asymbol *, PTR, asection *, bfd *, char **);
@@ -475,7 +476,7 @@ visium_info_to_howto_rela (bfd *abfd, arelent *cache_ptr,
break;
default:
- if (r_type >= (unsigned int) R_VISIUM_max)
+ if (r_type >= ARRAY_SIZE (visium_elf_howto_table))
{
/* xgettext:c-format */
_bfd_error_handler (_("%pB: unsupported relocation type %#x"),