authorNick Clifton <nickc@redhat.com>2017-04-28 12:09:14 +0100
committerNick Clifton <nickc@redhat.com>2017-04-28 12:09:14 +0100
commitb06b2c92c06cf100f259f218337d007ee0b1c884 (patch)
treeb6d90ecbf57a6f70c00f8c7ebd3ce2a37fa11bcb /binutils
parent4e3afec278d1fb55b983751d02119f65566bd094 (diff)
Fix off by one error when checking for empty note names.
PR binutils/21439 * readelf.c (print_gnu_build_attribute_name): Allow for an empty name field.
Diffstat (limited to 'binutils')
-rw-r--r--binutils/ChangeLog6
-rw-r--r--binutils/readelf.c15
2 files changed, 16 insertions, 5 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 8bb1fc5..9eea3a0 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,5 +1,11 @@
2017-04-28 Nick Clifton <nickc@redhat.com>
+ PR binutils/21439
+ * readelf.c (print_gnu_build_attribute_name): Allow for an empty
+ name field.
+
+2017-04-28 Nick Clifton <nickc@redhat.com>
+
PR binutils/21437
* readelf.c (process_version_sections): Check for underflow when
computing the start address of the auxillary version data.
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 72f9dda..fba6516 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -17037,17 +17037,22 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
{
case GNU_BUILD_ATTRIBUTE_TYPE_NUMERIC:
{
- /* The -1 is because the name field is always 0 terminated, and we
- want to be able to ensure that the shift in the while loop below
- will not overflow. */
- unsigned int bytes = (pnote->namesz - (name - pnote->namedata)) - 1;
+ unsigned int bytes;
unsigned long long val = 0;
unsigned int shift = 0;
char * decoded = NULL;
- /* PR 21378 */
+ bytes = pnote->namesz - (name - pnote->namedata);
+ if (bytes > 0)
+ /* The -1 is because the name field is always 0 terminated, and we
+ want to be able to ensure that the shift in the while loop below
+ will not overflow. */
+ -- bytes;
+
if (bytes > sizeof (val))
{
+ fprintf (stderr, "namesz %lx name %p namedata %p\n",
+ pnote->namesz, name, pnote->namedata);
error (_("corrupt numeric name field: too many bytes in the value: %x\n"),
bytes);
bytes = sizeof (val);
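Review bot: The added `fprintf (stderr, "namesz %lx name %p namedata %p\n", ...)` just ahead of the `error ()` call reads like leftover debugging and should not ship in the corrupt-note path. It bypasses `_()` translation and readelf's own error reporting, prints raw process addresses that differ between runs (so the output for a malformed file is not reproducible in a testsuite or a triage log), and passes what appear to be `char *` values to `%p` without a `(void *)` cast; `%lx` is only correct if `namesz` is `unsigned long`, which this hunk does not show. I would delete both lines, or, if the size is worth reporting, fold it into the existing message, e.g. `error (_("corrupt numeric name field: too many bytes in the value: %x (namesz %lx)\n"), bytes, pnote->namesz);`. The body of print_gnu_build_attribute_name starts and continues outside this hunk.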