[committed v2 3/6] PR binutils/22875: IQ2000/ELF: Prevent an out-of-bounds howto table access

["Maciej W. Rozycki" <macro at mips dot com>]

Prevent an out-of-bounds `iq2000_elf_howto_table' table access in 
`iq2000_info_to_howto_rela' by using the size of the table rather than 
R_IQ2000_max to determine the number of entries in the contiguous 
regular IQ2000 relocation range defined and described in the table.

	bfd/
	* elf32-iq2000.c (iq2000_info_to_howto_rela): Correct the range
	check for `iq2000_elf_howto_table' table access.
---
 This is what I applied following Alan's suggestion and having 
regression-tested it.

  Maciej

Changes from v1:

- Use ARRAY_SIZE on `iq2000_elf_howto_table' to prevent an out-of-bounds 
  table access in `iq2000_info_to_howto_rela'.

- Keep R_IQ2000_max unchanged.
---
 bfd/elf32-iq2000.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

binutils-iq2000-bfd-unsupp-reloc.diff
Index: binutils/bfd/elf32-iq2000.c
===================================================================
--- binutils.orig/bfd/elf32-iq2000.c	2018-03-02 12:47:50.000000000 +0000
+++ binutils/bfd/elf32-iq2000.c	2018-04-03 19:08:01.522725278 +0100
@@ -22,6 +22,7 @@
 #include "libbfd.h"
 #include "elf-bfd.h"
 #include "elf/iq2000.h"
+#include "libiberty.h"
 
 /* Forward declarations.  */
 
@@ -435,7 +436,7 @@ iq2000_info_to_howto_rela (bfd * abfd AT
       break;
 
     default:
-      if (r_type >= (unsigned int) R_IQ2000_max)
+      if (r_type >= ARRAY_SIZE (iq2000_elf_howto_table))
 	{
 	  /* xgettext:c-format */
 	  _bfd_error_handler (_("%pB: unsupported relocation type %#x"),