From 8bdf0be19d2777565a8b1c88347f65d6a4b8c5fc Mon Sep 17 00:00:00 2001
From: Nick Clifton
Date: Thu, 27 Jul 2017 12:04:50 +0100
Subject: Fix address violation issues encountered when parsing corrupt binaries.

PR 21840
* mach-o.c (bfd_mach_o_read_symtab_strtab): Fail if the symtab size is -1.
* nlmcode.h (nlm_swap_auxiliary_headers_in): Replace assertion with error return.
* section.c (bfd_make_section_with_flags): Fail if the name or bfd are NULL.
* vms-alpha.c (bfd_make_section_with_flags): Correct computation of end pointer.
(evax_bfd_print_emh): Check for invalid string lengths.
---
 bfd/nlmcode.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'bfd/nlmcode.h')

diff --git a/bfd/nlmcode.h b/bfd/nlmcode.h
index 6d6aed0..350c83e 100644
--- a/bfd/nlmcode.h
+++ b/bfd/nlmcode.h
@@ -351,7 +351,9 @@ nlm_swap_auxiliary_headers_in (bfd *abfd)
 bfd_byte *contents;
 bfd_byte *p, *pend;
- BFD_ASSERT (hdrLength == 0 && hdr == NULL);
+ /* See PR 21840 for a reproducer. */
+ if (hdrLength != 0 || hdr != NULL)
+ return FALSE;
 pos = bfd_tell (abfd);
 if (bfd_seek (abfd, dataOffset, SEEK_SET) != 0)
-- 
cgit v1.1
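Review bot: The new early `return FALSE;` in nlm_swap_auxiliary_headers_in does not record a BFD error code, so a caller that reports bfd_get_error() after this failure may show a stale or unrelated reason for rejecting the corrupt file. Unless an error is already set earlier in the function (its body starts and ends outside this hunk), I would add `bfd_set_error (bfd_error_bad_value);` before the return and brace the two statements. The comment only points at the bug tracker; it would be more useful to state the condition being rejected, for example `/* hdr/hdrLength already populated: treat as a corrupt file, see PR 21840.  */`, with the wording confirmed against how hdr and hdrLength are initialised above the hunk. Since this replaces an assertion that only logged the problem, it is also worth checking that every caller handles a FALSE return from this function without continuing to use partially filled auxiliary header state.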