From a2a4d60d831e40350d96edd2f1cd55f430d04fd4 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Mon, 15 Jun 2015 09:25:26 +0100
Subject: [PATCH] Fix a segmentation fault triggered when trying to handle an
 unresolved PE symbol with a very long name.

	PR ld/18466
	* emultempl/pe.em (pe_find_data_imports): Generate an error if a
	symbol name is too long to handle.
	* emultempl/pep.em (pep_find_data_imports): Likewise.
---
 ld/ChangeLog        |  7 +++++++
 ld/emultempl/pe.em  | 11 ++++++++++-
 ld/emultempl/pep.em | 11 ++++++++++-
 3 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/ld/ChangeLog b/ld/ChangeLog
index a12e5c91063..38dbb8bb351 100644
--- a/ld/ChangeLog
+++ b/ld/ChangeLog
@@ -1,3 +1,10 @@
+2015-06-15  Nick Clifton  <nickc@redhat.com>
+
+	PR ld/18466
+	* emultempl/pe.em (pe_find_data_imports): Generate an error if a
+	symbol name is too long to handle.
+	* emultempl/pep.em (pep_find_data_imports): Likewise.
+
 2015-06-12  Tristan Gingold  <gingold@adacore.com>
 
 	* NEWS: Mention new option.
diff --git a/ld/emultempl/pe.em b/ld/emultempl/pe.em
index 60882cef909..0a5dcbf6fba 100644
--- a/ld/emultempl/pe.em
+++ b/ld/emultempl/pe.em
@@ -1171,11 +1171,20 @@ pe_find_data_imports (void)
       if (undef->type == bfd_link_hash_undefined)
 	{
 	  /* C++ symbols are *long*.  */
-	  char buf[4096];
+#define BUF_SIZE 4096
+	  char buf[BUF_SIZE];
 
 	  if (pe_dll_extra_pe_debug)
 	    printf ("%s:%s\n", __FUNCTION__, undef->root.string);
 
+	  if (strlen (undef->root.string) > (BUF_SIZE - 6))
+	    {
+	      /* PR linker/18466.  */
+	      einfo (_("%P: internal error: symbol too long: %s\n"),
+		     undef->root.string);
+	      return;
+	    }
+
 	  sprintf (buf, "__imp_%s", undef->root.string);
 
 	  sym = bfd_link_hash_lookup (link_info.hash, buf, 0, 0, 1);
diff --git a/ld/emultempl/pep.em b/ld/emultempl/pep.em
index d6de792a7a6..bf362760dba 100644
--- a/ld/emultempl/pep.em
+++ b/ld/emultempl/pep.em
@@ -1151,11 +1151,20 @@ pep_find_data_imports (void)
       if (undef->type == bfd_link_hash_undefined)
 	{
 	  /* C++ symbols are *long*.  */
-	  char buf[4096];
+#define BUF_SIZE 4096
+	  char buf[BUF_SIZE];
 
 	  if (pep_dll_extra_pe_debug)
 	    printf ("%s:%s\n", __FUNCTION__, undef->root.string);
 
+	  if (strlen (undef->root.string) > (BUF_SIZE - 6))
+	    {
+	      /* PR linker/18466.  */
+	      einfo (_("%P: internal error: symbol too long: %s\n"),
+		     undef->root.string);
+	      return;
+	    }
+
 	  sprintf (buf, "__imp_%s", undef->root.string);
 
 	  sym = bfd_link_hash_lookup (link_info.hash, buf, 0, 0, 1);
-- 
2.30.2