From 4d465c689a8fb27212ef358d0aee89d60dee69a6 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Thu, 14 Sep 2017 11:15:55 +0100
Subject: Fix address violation when parsing a corrupt PE binary.

	PR binutils/22113
	* peXXigen.c (pe_print_idata): Extend check for HintName vector
	entries.
---
 bfd/peXXigen.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'bfd/peXXigen.c')

diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index d24c5f8..db44053 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1514,7 +1514,7 @@ pe_print_idata (bfd * abfd, void * vfile)
 			 member_high, member,
 			 WithoutHighBit (member_high), member);
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{
@@ -1548,11 +1548,12 @@ pe_print_idata (bfd * abfd, void * vfile)
 		break;
 
 	      amt = member - adj;
+
 	      if (HighBitSet (member))
 		fprintf (file, "\t%04lx\t %4lu  <none>",
 			 member, WithoutHighBit (member));
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{
-- 
cgit v1.1