[committed v3 4/6] PR binutils/22875: Visium/ELF: Prevent an out-of-bounds howto table access

["Maciej W. Rozycki" <macro at mips dot com>]

Prevent an out-of-bounds `visium_elf_howto_table' table access in 
`visium_info_to_howto_rela' by using the size of the table rather than 
R_VISIUM_max to determine the number of entries in the contiguous 
regular Visium relocation range defined and described in the table.

	bfd/
	* elf32-visium.c (visium_info_to_howto_rela): Correct the range
	check for `visium_elf_howto_table' table access.
---
On Thu, 29 Mar 2018, Eric Botcazou wrote:

> Yes, thanks for catching this.

 Thanks for your review.  Here's what I have ultimately applied, following 
Alan's suggestion and having regression-tested it.

  Maciej

Changes from v2:

- Use ARRAY_SIZE on `visium_elf_howto_table' to prevent an out-of-bounds
  table access in `visium_info_to_howto_rela'.

- Keep R_VISIUM_max unchanged.

Changes from v1:

- Correct patch included.
---
 bfd/elf32-visium.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

binutils-visium-bfd-unsupp-reloc.diff
Index: binutils/bfd/elf32-visium.c
===================================================================
--- binutils.orig/bfd/elf32-visium.c	2018-03-02 12:47:51.000000000 +0000
+++ binutils/bfd/elf32-visium.c	2018-04-03 19:09:24.324591277 +0100
@@ -25,6 +25,7 @@
 #include "libbfd.h"
 #include "elf-bfd.h"
 #include "elf/visium.h"
+#include "libiberty.h"
 
 static bfd_reloc_status_type visium_elf_howto_parity_reloc
   (bfd *, arelent *, asymbol *, PTR, asection *, bfd *, char **);
@@ -475,7 +476,7 @@ visium_info_to_howto_rela (bfd *abfd, ar
       break;
 
     default:
-      if (r_type >= (unsigned int) R_VISIUM_max)
+      if (r_type >= ARRAY_SIZE (visium_elf_howto_table))
 	{
 	  /* xgettext:c-format */
 	  _bfd_error_handler (_("%pB: unsupported relocation type %#x"),