diff options
author | Nick Clifton <nickc@redhat.com> | 2016-02-19 15:20:30 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2016-02-19 15:20:30 +0000 |
commit | 737684142b3f7dfa6d440c8363750911a8ac20ce (patch) | |
tree | ab4ec688368d529170f0c88d248b8b67d524a0a6 | |
parent | b8ec4e871ef7650b852df9956841ee414766de59 (diff) | |
download | gdb-737684142b3f7dfa6d440c8363750911a8ac20ce.zip gdb-737684142b3f7dfa6d440c8363750911a8ac20ce.tar.gz gdb-737684142b3f7dfa6d440c8363750911a8ac20ce.tar.bz2 |
Fix a seg-fault in the linker when it encounters a corrupt binary containing a reloc with no associated symbol.
PR ld/19628
* reloc.c (bfd_generic_get_relocated_section_contents): Stop
processing if we encounter a reloc without an associated symbol.
-rw-r--r-- | bfd/ChangeLog | 6 | ||||
-rw-r--r-- | bfd/reloc.c | 11 |
2 files changed, 17 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 1c9e201..b1b4047 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,9 @@ +2016-02-19 Nick Clifton <nickc@redhat.com> + + PR ld/19628 + * reloc.c (bfd_generic_get_relocated_section_contents): Stop + processing if we encounter a reloc without an associated symbol. + 2016-02-18 H.J. Lu <hongjiu.lu@intel.com> PR ld/19617 diff --git a/bfd/reloc.c b/bfd/reloc.c index 3ef704f..a1683d8 100644 --- a/bfd/reloc.c +++ b/bfd/reloc.c @@ -7939,6 +7939,7 @@ bfd_generic_get_relocated_section_contents (bfd *abfd, if (reloc_count > 0) { arelent **parent; + for (parent = reloc_vector; *parent != NULL; parent++) { char *error_message = NULL; @@ -7946,6 +7947,16 @@ bfd_generic_get_relocated_section_contents (bfd *abfd, bfd_reloc_status_type r; symbol = *(*parent)->sym_ptr_ptr; + /* PR ld/19628: A specially crafted input file + can result in a NULL symbol pointer here. */ + if (symbol == NULL) + { + link_info->callbacks->einfo + (_("%X%P: %B(%A): error: relocation for offset %V has no value\n"), + abfd, input_section, (* parent)->address); + goto error_return; + } + if (symbol->section && discarded_section (symbol->section)) { bfd_byte *p; |