From 4d465c689a8fb27212ef358d0aee89d60dee69a6 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Thu, 14 Sep 2017 11:15:55 +0100
Subject: [PATCH] Fix address violation when parsing a corrupt PE binary.

	PR binutils/22113
	* peXXigen.c (pe_print_idata): Extend check for HintName vector
	entries.
---
 bfd/ChangeLog  | 6 ++++++
 bfd/peXXigen.c | 5 +++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 7c208ca..3d807b9 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-09-14  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/22113
+	* peXXigen.c (pe_print_idata): Extend check for HintName vector
+	entries.
+
 2017-09-13  H.J. Lu  <hongjiu.lu@intel.com>
 
 	* elfxx-x86.h: Fix a typo in comments.
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index d24c5f8..db44053 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1514,7 +1514,7 @@ pe_print_idata (bfd * abfd, void * vfile)
 			 member_high, member,
 			 WithoutHighBit (member_high), member);
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{
@@ -1548,11 +1548,12 @@ pe_print_idata (bfd * abfd, void * vfile)
 		break;
 
 	      amt = member - adj;
+
 	      if (HighBitSet (member))
 		fprintf (file, "\t%04lx\t %4lu  <none>",
 			 member, WithoutHighBit (member));
 	      /* PR binutils/17512: Handle corrupt PE data.  */
-	      else if (amt + 2 >= datasize)
+	      else if (amt >= datasize || amt + 2 >= datasize)
 		fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
 	      else
 		{
-- 
2.7.4