From 0c1438eb15a31098ba42427e0f48e4e5cc6bfe0b Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 25 Aug 2020 14:47:50 +0930
Subject: PR26430, ASAN: nacl_modify_segment_map elf-nacl.c:164

	PR 26430
	* elf-nacl.c (nacl_modify_segment_map): Correct alloc size and
	amount copied for elf_segment_map defined with one element
	sections array.
---
 bfd/elf-nacl.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'bfd/elf-nacl.c')

diff --git a/bfd/elf-nacl.c b/bfd/elf-nacl.c
index 3a232df..a7cd827 100644
--- a/bfd/elf-nacl.c
+++ b/bfd/elf-nacl.c
@@ -156,13 +156,13 @@ nacl_modify_segment_map (bfd *abfd, struct bfd_link_info *info)
 		  secdata->this_hdr.sh_addr = sec->vma;
 		  secdata->this_hdr.sh_size = sec->size;
 
-		  newseg = bfd_alloc (abfd,
-				      sizeof *newseg + ((seg->count + 1)
-							* sizeof (asection *)));
+		  newseg
+		    = bfd_alloc (abfd, (sizeof (*newseg)
+					+ seg->count * sizeof (asection *)));
 		  if (newseg == NULL)
 		    return FALSE;
-		  memcpy (newseg, seg,
-			  sizeof *newseg + (seg->count * sizeof (asection *)));
+		  memcpy (newseg, seg, (sizeof (*newseg) - sizeof (asection *)
+					+ seg->count * sizeof (asection *)));
 		  newseg->sections[newseg->count++] = sec;
 		  *m = seg = newseg;
 		}
-- 
cgit v1.1