3 files changed, 14 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index 87ace92..2c607d9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2014-09-29  Carlos O'Donell  <carlos@redhat.com>
+	    Matthew LeGendre  <legendre1@llnl.gov>
+
+	[BZ #17411]
+	* elf/dl-reloc.c (_dl_relocate_object): Allocate correct amount for
+	l_reloc_result.
+
 2014-09-29  Kostya Serebryany  <konstantin.s.serebryany@gmail.com>
 
 	* stdio-common/printf_fp.c
diff --git a/NEWS b/NEWS
index 94c0656..ef98268 100644
--- a/NEWS
+++ b/NEWS
@@ -9,7 +9,7 @@ Version 2.21
 
 * The following bugs are resolved with this release:
 
-  6652, 14171, 17266, 17363, 17370, 17371.
+  6652, 14171, 17266, 17363, 17370, 17371, 17411.
 
 Version 2.20
 
diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c
index d2c6dac..97a7119 100644
--- a/elf/dl-reloc.c
+++ b/elf/dl-reloc.c
@@ -279,8 +279,12 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[],
 			      l->l_name);
 	  }
 
-	l->l_reloc_result = calloc (sizeof (l->l_reloc_result[0]),
-				    l->l_info[DT_PLTRELSZ]->d_un.d_val);
+	size_t sizeofrel = l->l_info[DT_PLTREL]->d_un.d_val == DT_RELA
+			   ? sizeof (ElfW(Rela))
+			   : sizeof (ElfW(Rel));
+	size_t relcount = l->l_info[DT_PLTRELSZ]->d_un.d_val / sizeofrel;
+	l->l_reloc_result = calloc (sizeof (l->l_reloc_result[0]), relcount);
+
 	if (l->l_reloc_result == NULL)
 	  {
 	    errstring = N_("\