From: Nick Clifton <nickc@redhat.com>
Date: Thu, 14 Sep 2017 10:15:55 +0000 (+0100)
Subject: Fix address violation when parsing a corrupt PE binary.
X-Git-Tag: users/gbenson/thread_db-test/2017-11-22~937
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4d465c689a8fb27212ef358d0aee89d60dee69a6;p=thirdparty%2Fbinutils-gdb.git

Fix address violation when parsing a corrupt PE binary.

	PR binutils/22113
	* peXXigen.c (pe_print_idata): Extend check for HintName vector
	entries.
---

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 7c208cae7f8..3d807b9f6c3 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-09-14  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/22113
+	* peXXigen.c (pe_print_idata): Extend check for HintName vector
+	entries.
+
 2017-09-13  H.J. Lu  <hongjiu.lu@intel.com>
 
 	* elfxx-x86.h: Fix a typo in comments.
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index d24c5f88bc3..db44053cc5d 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1514,7 +1514,7 @@ pe_print_idata (bfd * abfd, void * vfile)
 			 member_high, member,
 			 WithoutHighBit (member_high), member);
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{
@@ -1548,11 +1548,12 @@ pe_print_idata (bfd * abfd, void * vfile)
 		break;
 
 	      amt = member - adj;
+
 	      if (HighBitSet (member))
 		fprintf (file, "\t%04lx\t %4lu  <none>",
 			 member, WithoutHighBit (member));
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{