From 4a9f7d653c089fdd8ca66a51caab7c9687f50cd1 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Wed, 1 Aug 2018 14:42:37 +0100
Subject: [PATCH] Fix potential illegal memory access in AVR backend.

	* elf32-avr.c (avr_stub_name): Check for a NULL return from
	bfd_malloc.
---
 bfd/ChangeLog   | 5 +++++
 bfd/elf32-avr.c | 8 ++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 117a8db..59b7266 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2018-08-01  Nick Clifton  <nickc@redhat.com>
+
+	* elf32-avr.c (avr_stub_name): Check for a NULL return from
+	bfd_malloc.
+
 2018-08-01  Zenith  <zenith432@users.sourceforge.net>
 
 	PR 23460
diff --git a/bfd/elf32-avr.c b/bfd/elf32-avr.c
index 7087606..6d38d1d 100644
--- a/bfd/elf32-avr.c
+++ b/bfd/elf32-avr.c
@@ -3295,10 +3295,10 @@ avr_stub_name (const asection *symbol_section,
 
   len = 8 + 1 + 8 + 1 + 1;
   stub_name = bfd_malloc (len);
-
-  sprintf (stub_name, "%08x+%08x",
-	   symbol_section->id & 0xffffffff,
-	   (unsigned int) ((rela->r_addend & 0xffffffff) + symbol_offset));
+  if (stub_name != NULL)
+    sprintf (stub_name, "%08x+%08x",
+	     symbol_section->id & 0xffffffff,
+	     (unsigned int) ((rela->r_addend & 0xffffffff) + symbol_offset));
 
   return stub_name;
 }
-- 
2.7.4