From bcac413c3058b8528d4a5a413ae7b374e9cc8531 Mon Sep 17 00:00:00 2001
From: Thomas Preud'homme <robotux@celest.fr>
Date: Mon, 28 Jan 2013 19:13:25 +0100
Subject: [PATCH] Fix overflow detection in ARM relocation

Fix overflow detection for R_ARM_CALL, R_ARM_PC24, R_ARM_JUMP24 and
R_ARM_PLT32 relocations on ARM. 26 bits means 25 bits for positive and
negative offsets !
---
 tccelf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tccelf.c b/tccelf.c
index b5eea079..a4dee195 100644
--- a/tccelf.c
+++ b/tccelf.c
@@ -613,14 +613,14 @@ ST_FUNC void relocate_section(TCCState *s1, Section *s)
                 x += val - addr;
                 h = x & 2;
 #ifndef TCC_TARGET_PE
-                if ((x & 3) || x >= 0x4000000 || x < -0x4000000)
+                if ((x & 3) || x >= 0x2000000 || x < -0x2000000)
                     if (!(x & 3) || !blx_avail || !is_call)
                         if (s1->output_type == TCC_OUTPUT_MEMORY) {
                             x += add_jmp_table(s1, val) - val; /* add veneer */
                             is_thumb = 0; /* Veneer uses ARM instructions */
                         }
 #endif
-                if ((x & 3) || x >= 0x4000000 || x < -0x4000000)
+                if ((x & 3) || x >= 0x2000000 || x < -0x2000000)
                     if (!(x & 3) || !blx_avail || !is_call)
                         tcc_error("can't relocate value at %x",addr);
                 x >>= 2;
-- 
2.11.4.GIT