diff -rup binutils.orig/bfd/elf32-i386.c binutils-2.29/bfd/elf32-i386.c

--- binutils.orig/bfd/elf32-i386.c	2018-05-31 10:14:28.059641441 +0100

+++ binutils-2.29/bfd/elf32-i386.c	2018-05-31 10:15:09.362194799 +0100

@@ -6376,7 +6376,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd

   for (j = 0; plts[j].name != NULL; j++)

     {

       plt = bfd_get_section_by_name (abfd, plts[j].name);

-      if (plt == NULL)

+      if (plt == NULL || plt->size == 0)

 	continue;

       /* Get the PLT section contents.  */

@@ -6392,7 +6392,9 @@ elf_i386_get_synthetic_symtab (bfd *abfd

       /* Check what kind of PLT it is.  */

       plt_type = plt_unknown;

-      if (plts[j].type == plt_unknown)

+      if (plts[j].type == plt_unknown

+	  && (plt->size >= (lazy_plt->plt0_entry_size

+			    + lazy_plt->plt_entry_size)))

 	{

 	  /* Match lazy PLT first.  */

 	  if (memcmp (plt_contents, lazy_plt->plt0_entry,

@@ -6401,7 +6403,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd

 	      /* The fist entry in the lazy IBT PLT is the same as the

 		 normal lazy PLT.  */

 	      if (lazy_ibt_plt != NULL

-		  && (memcmp (plt_contents + lazy_ibt_plt->plt_entry_size,

+		  && (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,

 			      lazy_ibt_plt->plt_entry,

 			      lazy_ibt_plt->plt_got_offset) == 0))

 		plt_type = plt_lazy | plt_second;

@@ -6414,7 +6416,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd

 	      /* The fist entry in the PIC lazy IBT PLT is the same as

 		 the normal PIC lazy PLT.  */

 	      if (lazy_ibt_plt != NULL

-		  && (memcmp (plt_contents + lazy_ibt_plt->plt_entry_size,

+		  && (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,

 			      lazy_ibt_plt->pic_plt_entry,

 			      lazy_ibt_plt->plt_got_offset) == 0))

 		plt_type = plt_lazy | plt_pic | plt_second;

@@ -6424,7 +6426,8 @@ elf_i386_get_synthetic_symtab (bfd *abfd

 	}

       if (non_lazy_plt != NULL

-	  && (plt_type == plt_unknown || plt_type == plt_non_lazy))

+	  && (plt_type == plt_unknown || plt_type == plt_non_lazy)

+	  && plt->size >= non_lazy_plt->plt_entry_size)

 	{

 	  /* Match non-lazy PLT.  */

 	  if (memcmp (plt_contents, non_lazy_plt->plt_entry,

@@ -6436,7 +6439,8 @@ elf_i386_get_synthetic_symtab (bfd *abfd

 	}

       if ((non_lazy_ibt_plt != NULL)

-	  && (plt_type == plt_unknown || plt_type == plt_second))

+	  && (plt_type == plt_unknown || plt_type == plt_second)

+	  && plt->size >= non_lazy_ibt_plt->plt_entry_size)

 	{

 	  if (memcmp (plt_contents,

 		      non_lazy_ibt_plt->plt_entry,

@@ -6494,6 +6498,9 @@ elf_i386_get_synthetic_symtab (bfd *abfd

 	got_addr = (bfd_vma) -1;

     }

+  if (count == 0)

+    return -1;

+

   size = count * sizeof (asymbol);

   s = *ret = (asymbol *) bfd_zmalloc (size);

   if (s == NULL)

Only in binutils-2.29/bfd/: elf32-i386.c.orig

diff -rup binutils.orig/bfd/elf64-x86-64.c binutils-2.29/bfd/elf64-x86-64.c

--- binutils.orig/bfd/elf64-x86-64.c	2018-05-31 10:14:28.078641236 +0100

+++ binutils-2.29/bfd/elf64-x86-64.c	2018-05-31 10:15:25.284022632 +0100

@@ -6756,7 +6756,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

   for (j = 0; plts[j].name != NULL; j++)

     {

       plt = bfd_get_section_by_name (abfd, plts[j].name);

-      if (plt == NULL)

+      if (plt == NULL || plt->size == 0)

 	continue;

       /* Get the PLT section contents.  */

@@ -6772,7 +6772,9 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

       /* Check what kind of PLT it is.  */

       plt_type = plt_unknown;

-      if (plts[j].type == plt_unknown)

+      if (plts[j].type == plt_unknown

+	  && (plt->size >= (lazy_plt->plt_entry_size

+			    + lazy_plt->plt_entry_size)))

 	{

 	  /* Match lazy PLT first.  Need to check the first two

 	     instructions.   */

@@ -6800,7 +6802,8 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

 	}

       if (non_lazy_plt != NULL

-	  && (plt_type == plt_unknown || plt_type == plt_non_lazy))

+	  && (plt_type == plt_unknown || plt_type == plt_non_lazy)

+	  && plt->size >= non_lazy_plt->plt_entry_size)

 	{

 	  /* Match non-lazy PLT.  */

 	  if (memcmp (plt_contents, non_lazy_plt->plt_entry,

@@ -6811,6 +6814,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

       if (plt_type == plt_unknown || plt_type == plt_second)

 	{

 	  if (non_lazy_bnd_plt != NULL

+	      && plt->size >= non_lazy_bnd_plt->plt_entry_size

 	      && (memcmp (plt_contents, non_lazy_bnd_plt->plt_entry,

 			  non_lazy_bnd_plt->plt_got_offset) == 0))

 	    {

@@ -6819,6 +6823,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

 	      non_lazy_plt = non_lazy_bnd_plt;

 	    }

 	  else if (non_lazy_ibt_plt != NULL

+		   && plt->size >= non_lazy_ibt_plt->plt_entry_size

 		   && (memcmp (plt_contents,

 			       non_lazy_ibt_plt->plt_entry,

 			       non_lazy_ibt_plt->plt_got_offset) == 0))

@@ -6864,6 +6869,9 @@ elf_x86_64_get_synthetic_symtab (bfd *ab

       plts[j].contents = plt_contents;

     }

+  if (count == 0)

+    return -1;

+

   size = count * sizeof (asymbol);

   s = *ret = (asymbol *) bfd_zmalloc (size);

   if (s == NULL)

Only in binutils-2.29/bfd/: elf64-x86-64.c.orig