Fix a problem in readelf where memcpy could be called with a NULL second argument.

	* readelf.c (request_dump_bynumber): Only call memcpy if
	dump_sects is not NULL.

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 5ab28f8..4b3a746 100644 (file)
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,8 @@
+2016-09-06  Nick Clifton  <nickc@redhat.com>
+
+       * readelf.c (request_dump_bynumber): Only call memcpy if
+       dump_sects is not NULL.
+
 2016-08-29  H.J. Lu  <hongjiu.lu@intel.com>
 
        * readelf.c (load_specific_debug_section): Check the external

diff --git a/binutils/readelf.c b/binutils/readelf.c
index a99c521..c9bce2e 100644 (file)
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -4238,10 +4238,13 @@ request_dump_bynumber (unsigned int section, dump_type type)
        error (_("Out of memory allocating dump request table.\n"));
       else
        {
-         /* Copy current flag settings.  */
-         memcpy (new_dump_sects, dump_sects, num_dump_sects * sizeof (* dump_sects));
+         if (dump_sects)
+           {
+             /* Copy current flag settings.  */
+             memcpy (new_dump_sects, dump_sects, num_dump_sects * sizeof (* dump_sects));
 
-         free (dump_sects);
+             free (dump_sects);
+           }
 
          dump_sects = new_dump_sects;
          num_dump_sects = section + 1;