Fix a buffer overrun when parsing a corrupt MIPS ELF binary.

	PR 21995
	* readelf.c (process_mips_specific): Add checks for a NULL data
	pointer.

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 92d8602546be442e4e7662c4efcb0cfeea6def5c..53ac9feb6412c05ab0ebfffb77226c47293a279b 100644 (file)
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,9 @@
+2017-09-05  Nick Clifton  <nickc@redhat.com>
+
+       PR 21995
+       * readelf.c (process_mips_specific): Add checks for a NULL data
+       pointer.
+
 2017-09-05  Alexander Fedotov <alexander.fedotov@nxp.com>
            Edmar Wienskoski <edmar.wienskoski@nxp.com
 

diff --git a/binutils/readelf.c b/binutils/readelf.c
index 571da2cf7c879dc267edc0150c0b3a5d35d55bba..d61417aabb073587cf5fc9ccc88a2b68cdfbc8b9 100644 (file)
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -15324,7 +15324,7 @@ process_mips_specific (FILE * file)
              printf ("\n");
            }
 
-         if (ent < end)
+         if (data != NULL && ent < end)
            {
              printf (_(" Local entries:\n"));
              printf ("  %*s %10s %*s\n",
@@ -15854,7 +15854,7 @@ process_mips_specific (FILE * file)
        }
       printf ("\n");
 
-      if (ent < local_end)
+      if (data != NULL && ent < local_end)
        {
          printf (_(" Local entries:\n"));
          printf ("  %*s %10s %*s\n",
@@ -15870,7 +15870,7 @@ process_mips_specific (FILE * file)
          printf ("\n");
        }
 
-      if (gotsym < symtabno)
+      if (data != NULL && gotsym < symtabno)
        {
          int sym_width;