From 7e8b60085eb3e6f2c41bc0c00c0d759fa7f72780 Mon Sep 17 00:00:00 2001
From: Nick Clifton
Date: Fri, 1 Sep 2017 11:20:51 +0100
Subject: [PATCH] Prevent an address violation parsing corrupt DWARF information by fixing the test for an overlong debug line info structure. PR 22059 * dwarf2.c (decode_line_info): Fix test for an overlong line info structure.
---
 bfd/ChangeLog | 6 ++++++
 bfd/dwarf2.c | 6 +++---
 2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index e0dd88fafad..8c6e8b14f75 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-09-01 Nick Clifton
+
+ PR 22059
+ * dwarf2.c (decode_line_info): Fix test for an overlong line info
+ structure.
+
 2017-09-01 Nick Clifton

 PR 22058
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 40a187a1a43..856c963985c 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -2096,12 +2096,12 @@ decode_line_info (struct comp_unit *unit, struct dwarf2_debug *stash)
 offset_size = 8;
 }
 
- if (lh.total_length > stash->dwarf_line_size)
+ if (unit->line_offset + lh.total_length > stash->dwarf_line_size)
 {
 _bfd_error_handler
 /* xgettext: c-format */
- (_("Dwarf Error: Line info data is bigger (%#Lx) than the section (%#Lx)"),
- lh.total_length, stash->dwarf_line_size);
+ (_("Dwarf Error: Line info data is bigger (%#Lx) than the space remaining in the section (%#Lx)"),
+ lh.total_length, stash->dwarf_line_size - unit->line_offset);
 bfd_set_error (bfd_error_bad_value);
 return NULL;
 }
-- 
2.30.2
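Review bot: The new bound check in decode_line_info adds `unit->line_offset + lh.total_length` before comparing, and `lh.total_length` comes from the possibly corrupt file. With the 64-bit format handled just above (`offset_size = 8`), a very large value could wrap the sum and slip past the check, assuming both operands are unsigned and no wider than the type of the sum. Comparing against the remaining space avoids the addition: `if (lh.total_length > stash->dwarf_line_size - unit->line_offset)`. That form relies on `unit->line_offset <= stash->dwarf_line_size` having been established earlier, which is not visible here because the function body starts and ends outside the hunk, so confirm it or add it to the condition. The same subtraction already appears in the new error message and would print a wrapped value if that precondition does not hold.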