blob: 08412108da813f9b8a120f4156c4fb20a1d73dc7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
From 4581a1c7d304ce14e714b27522ebf3d0188d6543 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Wed, 29 Nov 2017 17:12:12 +0000
Subject: [PATCH] Check for a NULL symbol pointer when reading relocs from a
COFF based file.
PR 22509
* coffcode.h (coff_slurp_reloc_table): Check for a NULL symbol
pointer when processing relocs.
Upstream-Status: Backport
Affects: <= 2.29.1
CVE: CVE-2017-17123
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
bfd/ChangeLog | 6 ++++++
bfd/coffcode.h | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
Index: git/bfd/coffcode.h
===================================================================
--- git.orig/bfd/coffcode.h
+++ git/bfd/coffcode.h
@@ -5326,7 +5326,7 @@ coff_slurp_reloc_table (bfd * abfd, sec_
#else
cache_ptr->address = dst.r_vaddr;
- if (dst.r_symndx != -1)
+ if (dst.r_symndx != -1 && symbols != NULL)
{
if (dst.r_symndx < 0 || dst.r_symndx >= obj_conv_table_size (abfd))
{
|
