PR24339, segfault on NULL symbol section

	PR 24339
	* elflink.c (elf_link_add_object_symbols): Bail out on a local
	symbol after globals if elf_bad_symtab is not set.

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index eacd828..b044fad 100644 (file)
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,11 @@
 2019-03-15  Alan Modra  <amodra@gmail.com>
 
+       PR 24339
+       * elflink.c (elf_link_add_object_symbols): Bail out on a local
+       symbol after globals if elf_bad_symtab is not set.
+
+2019-03-15  Alan Modra  <amodra@gmail.com>
+
        PR 24337
        * elf.c (_bfd_elf_rela_local_sym): Don't segfault on NULL sec.
        (_bfd_elf_rel_local_sym): Likewise.

diff --git a/bfd/elflink.c b/bfd/elflink.c
index 2600c39..09990a4 100644 (file)
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -4442,7 +4442,13 @@ error_free_dyn:
             global symbols follow all local symbols, and that sh_info
             point to the first global symbol.  Unfortunately, Irix 5
             screws this up.  */
-         continue;
+         if (elf_bad_symtab (abfd))
+           continue;
+
+         /* If we aren't prepared to handle locals within the globals
+             then we'll likely segfault on a NULL section.  */
+         bfd_set_error (bfd_error_bad_value);
+         goto error_free_vers;
 
        case STB_GLOBAL:
          if (isym->st_shndx != SHN_UNDEF && !common)