Fix a seg-fault in the linker when it encounters a corrupt binary containing a reloc with no associated symbol.

PR ld/19628 * reloc.c (bfd_generic_get_relocated_section_contents): Stop processing if we encounter a reloc without an associated symbol.
2016-02-19 15:20:30 +00:00 · 2016-02-19 15:20:30 +00:00 · 737684142b
parent b8ec4e871e
commit 737684142b
2 changed files with 17 additions and 0 deletions
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@ -1,3 +1,9 @@
+2016-02-19  Nick Clifton  <nickc@redhat.com>
+
+	PR ld/19628
+	* reloc.c (bfd_generic_get_relocated_section_contents): Stop
+	processing if we encounter a reloc without an associated symbol.
+
 2016-02-18  H.J. Lu  <hongjiu.lu@intel.com>

 	PR ld/19617
--- a/bfd/reloc.c
+++ b/bfd/reloc.c
@ -7939,6 +7939,7 @@ bfd_generic_get_relocated_section_contents (bfd *abfd,
  if (reloc_count > 0)
    {
      arelent **parent;
+
      for (parent = reloc_vector; *parent != NULL; parent++)
 	{
 	  char *error_message = NULL;
@ -7946,6 +7947,16 @@ bfd_generic_get_relocated_section_contents (bfd *abfd,
 	  bfd_reloc_status_type r;

 	  symbol = *(*parent)->sym_ptr_ptr;
+	  /* PR ld/19628: A specially crafted input file
+	     can result in a NULL symbol pointer here.  */
+	  if (symbol == NULL)
+	    {
+	      link_info->callbacks->einfo
+		(_("%X%P: %B(%A): error: relocation for offset %V has no value\n"),
+		 abfd, input_section, (* parent)->address);
+	      goto error_return;
+	    }
+
 	  if (symbol->section && discarded_section (symbol->section))
 	    {
 	      bfd_byte *p;