1 files changed, 106 insertions, 0 deletions
diff --git a/debian/patches/pr21135.diff b/debian/patches/pr21135.diff
new file mode 100644
index 0000000..88b358b
--- /dev/null
+++ b/debian/patches/pr21135.diff
@@ -0,0 +1,106 @@
+# DP: Fix PR binutils/21135, invalid read of section contents.
+
+From f055032e4e922f1e1a5e11026c7c2669fa2a7d19 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Mon, 13 Feb 2017 15:04:37 +0000
+Subject: [PATCH] Fix invalid read of section contents whilst processing a
+ corrupt binary.
+
+	PR binutils/21135
+	* readelf.c (dump_section_as_bytes): Handle the case where
+	uncompress_section_contents returns false.
+	(dump_section_as_bytes, load_specific_debug_section): Likewise.
+
+---
+ binutils/ChangeLog |  6 ++++++
+ binutils/readelf.c | 16 ++++++++++++----
+ 2 files changed, 18 insertions(+), 4 deletions(-)
+
+2017-02-13  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/21135
+	* readelf.c (dump_section_as_bytes): Handle the case where
+	uncompress_section_contents returns false.
+	(dump_section_as_bytes, load_specific_debug_section): Likewise.
+
+Index: b/binutils/readelf.c
+===================================================================
+--- a/binutils/readelf.c
++++ b/binutils/readelf.c
+@@ -12668,10 +12668,18 @@ dump_section_as_strings (Elf_Internal_Sh
+ 	  new_size -= 12;
+ 	}
+ 
+-      if (uncompressed_size
+-	  && uncompress_section_contents (& start,
+-					  uncompressed_size, & new_size))
+-	num_bytes = new_size;
++      if (uncompressed_size)
++	{
++	  if (uncompress_section_contents (& start,
++					   uncompressed_size, & new_size))
++	    num_bytes = new_size;
++	  else
++	    {
++	      error (_("Unable to decompress section %s\n"),
++		     printable_section_name (section));
++	      return;
++	    }
++	}
+     }
+ 
+   /* If the section being dumped has relocations against it the user might
+@@ -12802,10 +12810,18 @@ dump_section_as_bytes (Elf_Internal_Shdr
+ 	  new_size -= 12;
+ 	}
+ 
+-      if (uncompressed_size
+-	  && uncompress_section_contents (& start, uncompressed_size,
+-					  & new_size))
+-	section_size = new_size;
++      if (uncompressed_size)
++	{
++	  if (uncompress_section_contents (& start, uncompressed_size,
++					   & new_size))
++	    section_size = new_size;
++	  else
++	    {
++	      error (_("Unable to decompress section %s\n"),
++		     printable_section_name (section));
++	      return;
++	    }
++	}
+     }
+ 
+   if (relocate)
+@@ -12955,14 +12971,22 @@ load_specific_debug_section (enum dwarf_
+ 	  size -= 12;
+ 	}
+ 
+-      if (uncompressed_size
+-	  && uncompress_section_contents (&start, uncompressed_size,
+-					  &size))
+-	{
+-	  /* Free the compressed buffer, update the section buffer
+-	     and the section size if uncompress is successful.  */
+-	  free (section->start);
+-	  section->start = start;
++      if (uncompressed_size)
++	{
++	  if (uncompress_section_contents (&start, uncompressed_size,
++					   &size))
++	    {
++	      /* Free the compressed buffer, update the section buffer
++		 and the section size if uncompress is successful.  */
++	      free (section->start);
++	      section->start = start;
++	    }
++	  else
++	    {
++	      error (_("Unable to decompress section %s\n"),
++		     printable_section_name (sec));
++	      return 0;
++	    }
+ 	}
+       section->size = size;
+     }