diff options
author | Maciej W. Rozycki <macro@mips.com> | 2018-04-04 02:00:49 +0100 |
---|---|---|
committer | Maciej W. Rozycki <macro@mips.com> | 2018-04-04 02:00:49 +0100 |
commit | 707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5 (patch) | |
tree | 6891f9d0af2d4393e1eeaf92ef743378ae48174d | |
parent | 0cc919dc6abede5e61b9d8234028fba879166088 (diff) | |
download | gdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.zip gdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.tar.gz gdb-707bad1b21c18cf8e570fb8df8f7c5961fb0f3a5.tar.bz2 |
PR binutils/22875: Visium/ELF: Prevent an out-of-bounds howto table access
Prevent an out-of-bounds `visium_elf_howto_table' table access in
`visium_info_to_howto_rela' by using the size of the table rather than
R_VISIUM_max to determine the number of entries in the contiguous
regular Visium relocation range defined and described in the table.
bfd/
* elf32-visium.c (visium_info_to_howto_rela): Correct the range
check for `visium_elf_howto_table' table access.
-rw-r--r-- | bfd/ChangeLog | 5 | ||||
-rw-r--r-- | bfd/elf32-visium.c | 3 |
2 files changed, 7 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 8e1df6d..991d11b 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,5 +1,10 @@ 2018-04-04 Maciej W. Rozycki <macro@mips.com> + * elf32-visium.c (visium_info_to_howto_rela): Correct the range + check for `visium_elf_howto_table' table access. + +2018-04-04 Maciej W. Rozycki <macro@mips.com> + * elf32-iq2000.c (iq2000_info_to_howto_rela): Correct the range check for `iq2000_elf_howto_table' table access. diff --git a/bfd/elf32-visium.c b/bfd/elf32-visium.c index 3f8d16a..e8f1c4c 100644 --- a/bfd/elf32-visium.c +++ b/bfd/elf32-visium.c @@ -25,6 +25,7 @@ #include "libbfd.h" #include "elf-bfd.h" #include "elf/visium.h" +#include "libiberty.h" static bfd_reloc_status_type visium_elf_howto_parity_reloc (bfd *, arelent *, asymbol *, PTR, asection *, bfd *, char **); @@ -475,7 +476,7 @@ visium_info_to_howto_rela (bfd *abfd, arelent *cache_ptr, break; default: - if (r_type >= (unsigned int) R_VISIUM_max) + if (r_type >= ARRAY_SIZE (visium_elf_howto_table)) { /* xgettext:c-format */ _bfd_error_handler (_("%pB: unsupported relocation type %#x"), |