PR24041, Invalid Memory Address Dereference in elf_link_add_object_symbols

	PR 24041
	* elflink.c (elf_link_add_object_symbols): Don't segfault on
	crafted ET_DYN with no program headers.

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index fbdd0c2..370466f 100644 (file)
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,11 @@
 2018-12-31  Alan Modra  <amodra@gmail.com>
 
 2018-12-31  Alan Modra  <amodra@gmail.com>
 

+       PR 24041
+       * elflink.c (elf_link_add_object_symbols): Don't segfault on
+       crafted ET_DYN with no program headers.
+
+2018-12-31  Alan Modra  <amodra@gmail.com>
+

        * elf64-ppc.c (ppc64_elf_relocate_section <tls_ldgd_opt>): When
        editing an old-style __tls_get_addr call, replace a toc restore
        insn with a nop.
        * elf64-ppc.c (ppc64_elf_relocate_section <tls_ldgd_opt>): When
        editing an old-style __tls_get_addr call, replace a toc restore
        insn with a nop.

diff --git a/bfd/elflink.c b/bfd/elflink.c
index f5b411b..6e421fb 100644 (file)
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -4186,7 +4186,7 @@ error_free_dyn:
         all sections contained fully therein.  This makes relro
         shared library sections appear as they will at run-time.  */
       phdr = elf_tdata (abfd)->phdr + elf_elfheader (abfd)->e_phnum;
         all sections contained fully therein.  This makes relro
         shared library sections appear as they will at run-time.  */
       phdr = elf_tdata (abfd)->phdr + elf_elfheader (abfd)->e_phnum;

-      while (--phdr >= elf_tdata (abfd)->phdr)
+      while (phdr-- > elf_tdata (abfd)->phdr)

        if (phdr->p_type == PT_GNU_RELRO)
          {
            for (s = abfd->sections; s != NULL; s = s->next)
        if (phdr->p_type == PT_GNU_RELRO)
          {
            for (s = abfd->sections; s != NULL; s = s->next)