From: Alan Modra <amodra@gmail.com>
Date: Fri, 15 Jul 2016 07:32:00 +0000 (+0930)
Subject: COFF buffer overflow in mark_relocs
X-Git-Url: http://git.efficios.com/?a=commitdiff_plain;h=06ab6faf83ce47ca64198819eee02e4e56dc5a74;p=deliverable%2Fbinutils-gdb.git

COFF buffer overflow in mark_relocs

	* cofflink.c (mark_relocs): Exclude relocs with -1 r_symndx
	from marking sym_indices.
---

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index a889e56c28..0fa96f246d 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2016-07-15  Alan Modra  <amodra@gmail.com>
+
+	* cofflink.c (mark_relocs): Exclude relocs with -1 r_symndx
+	from marking sym_indices.
+
 2016-07-14  Maciej W. Rozycki  <macro@imgtec.com>
 
 	* reloc.c (bfd_perform_relocation): Try the `howto' handler
diff --git a/bfd/cofflink.c b/bfd/cofflink.c
index bcdf778ac0..0f6ef59f92 100644
--- a/bfd/cofflink.c
+++ b/bfd/cofflink.c
@@ -1398,7 +1398,8 @@ mark_relocs (struct coff_final_link_info *flaginfo, bfd *input_bfd)
 	 in the relocation table.  This will then be picked up in the
 	 skip/don't-skip pass.  */
       for (; irel < irelend; irel++)
-	flaginfo->sym_indices[ irel->r_symndx ] = -1;
+	if ((unsigned long) irel->r_symndx < obj_raw_syment_count (input_bfd))
+	  flaginfo->sym_indices[irel->r_symndx] = -1;
     }
 }