From 0d76029f92182c3682d8be2c833d45bc9a2068fe Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Sun, 24 Sep 2017 14:35:33 +0930
Subject: [PATCH] PR22167, NULL pointer dereference in scan_unit_for_symbols

	PR 22167
	* dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL.

Upstream-Status: Backport
Affects: <= 2.29.1
CVE: CVE-2017-14940
Signed-off-by: Armin Kuster <akuster@mvista.com>

---
 bfd/ChangeLog | 5 +++++
 bfd/dwarf2.c  | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

Index: git/bfd/dwarf2.c
===================================================================
--- git.orig/bfd/dwarf2.c
+++ git/bfd/dwarf2.c
@@ -3202,7 +3202,8 @@ scan_unit_for_symbols (struct comp_unit
 		    case DW_FORM_block2:
 		    case DW_FORM_block4:
 		    case DW_FORM_exprloc:
-		      if (*attr.u.blk->data == DW_OP_addr)
+		      if (attr.u.blk->data != NULL
+			  && *attr.u.blk->data == DW_OP_addr)
 			{
 			  var->stack = 0;
 
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
@@ -1,5 +1,10 @@
 2017-09-24  Alan Modra  <amodra@gmail.com>
  
+       PR 22167
+       * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL.
+
+2017-09-24  Alan Modra  <amodra@gmail.com>
+ 
        PR 22169
        * dwarf2.c (decode_line_info): Correct .debug_line unit_length check.