From: Nick Clifton <nickc@redhat.com>
Date: Thu, 3 Sep 2020 15:11:43 +0000 (+0100)
Subject: Fix a division by zero error when processing secondary relocs in a fuzzed input file.
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=ac267c754cecd2bbbfc71feb9ca8ec84f6754cb4;p=binutils-gdb.git

Fix a division by zero error when processing secondary relocs in a fuzzed input file.

	PR 26521
	* elf.c (_bfd_elf_write_secondary_reloc_section): Check for
	secondary reloc sections with a zero sh_entsize field.
---

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 2dc5b542fb1..1b58f9517ce 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2020-09-03  Nick Clifton  <nickc@redhat.com>
+
+	PR 26521
+	* elf.c (_bfd_elf_write_secondary_reloc_section): Check for
+	secondary reloc sections with a zero sh_entsize field.
+
 2020-09-03  Nelson Chu  <nelson.chu@sifive.com>
 
 	* elfnn-riscv.c (riscv_i_or_e_p): Minor cleanup for warnings/errors.
diff --git a/bfd/elf.c b/bfd/elf.c
index f32118ad404..ac2095f787d 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -12847,6 +12847,17 @@ _bfd_elf_write_secondary_reloc_section (bfd *abfd, asection *sec)
 	      continue;
 	    }
 
+	  if (hdr->sh_entsize == 0)
+	    {
+	      _bfd_error_handler
+		/* xgettext:c-format */
+		(_("%pB(%pA): error: secondary reloc section has zero sized entries"),
+		 abfd, relsec);
+	      bfd_set_error (bfd_error_bad_value);
+	      result = FALSE;
+	      continue;
+	    }
+
 	  reloc_count = hdr->sh_size / hdr->sh_entsize;
 	  if (reloc_count <= 0)
 	    {