From 06ab6faf83ce47ca64198819eee02e4e56dc5a74 Mon Sep 17 00:00:00 2001
From: Alan Modra
Date: Fri, 15 Jul 2016 17:02:00 +0930
Subject: [PATCH] COFF buffer overflow in mark_relocs

* cofflink.c (mark_relocs): Exclude relocs with -1 r_symndx from marking sym_indices.
---
 bfd/ChangeLog | 5 +++++
 bfd/cofflink.c | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index a889e56c28c..0fa96f246df 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2016-07-15 Alan Modra
+
+ * cofflink.c (mark_relocs): Exclude relocs with -1 r_symndx
+ from marking sym_indices.
+
 2016-07-14 Maciej W. Rozycki

 * reloc.c (bfd_perform_relocation): Try the `howto' handler
diff --git a/bfd/cofflink.c b/bfd/cofflink.c
index bcdf778ac0a..0f6ef59f924 100644
--- a/bfd/cofflink.c
+++ b/bfd/cofflink.c
@@ -1398,7 +1398,8 @@ mark_relocs (struct coff_final_link_info *flaginfo, bfd *input_bfd)
 in the relocation table. This will then be picked up in the skip/don't-skip pass. */
 for (; irel < irelend; irel++)
- flaginfo->sym_indices[ irel->r_symndx ] = -1;
+ if ((unsigned long) irel->r_symndx < obj_raw_syment_count (input_bfd))
+ flaginfo->sym_indices[irel->r_symndx] = -1;
 }
 }

-- 
2.30.2
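Review bot: The guard added inside the `for` loop of mark_relocs needs a comment, because the `(unsigned long)` cast does two jobs that the line does not make obvious: assuming r_symndx is a signed type, it turns the -1 named in the ChangeLog into a value that fails the compare, and it also rejects every other index at or past `obj_raw_syment_count (input_bfd)`, which is broader than the commit message says. I would add above the `if`: `/* The unsigned compare skips r_symndx == -1 and any other index outside this input's symbol table, so a malformed reloc cannot write past sym_indices.  */`. The bound is only safe if sym_indices holds at least `obj_raw_syment_count (input_bfd)` entries for every input file; that allocation is outside the hunk and should be confirmed. Out-of-range relocs are now skipped silently here, so any later pass that indexes by r_symndx presumably needs the same range check. mark_relocs begins above the hunk, so the declarations of irel and irelend are not visible.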