diff -rup binutils.orig/bfd/elf32-i386.c binutils-2.29/bfd/elf32-i386.c
--- binutils.orig/bfd/elf32-i386.c 2018-05-31 10:14:28.059641441 +0100
+++ binutils-2.29/bfd/elf32-i386.c 2018-05-31 10:15:09.362194799 +0100
@@ -6376,7 +6376,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 for (j = 0; plts[j].name != NULL; j++)
 {
 plt = bfd_get_section_by_name (abfd, plts[j].name);
- if (plt == NULL)
+ if (plt == NULL || plt->size == 0)
 continue;
 
 /* Get the PLT section contents. */
@@ -6392,7 +6392,9 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 
 /* Check what kind of PLT it is. */
 plt_type = plt_unknown;
- if (plts[j].type == plt_unknown)
+ if (plts[j].type == plt_unknown
+ && (plt->size >= (lazy_plt->plt0_entry_size
+ + lazy_plt->plt_entry_size)))
 {
 /* Match lazy PLT first. */
 if (memcmp (plt_contents, lazy_plt->plt0_entry,
@@ -6401,7 +6403,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 /* The fist entry in the lazy IBT PLT is the same as the
 normal lazy PLT. */
 if (lazy_ibt_plt != NULL
- && (memcmp (plt_contents + lazy_ibt_plt->plt_entry_size,
+ && (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,
 lazy_ibt_plt->plt_entry,
 lazy_ibt_plt->plt_got_offset) == 0))
 plt_type = plt_lazy | plt_second;
@@ -6414,7 +6416,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 /* The fist entry in the PIC lazy IBT PLT is the same as the
 normal PIC lazy PLT. */
 if (lazy_ibt_plt != NULL
- && (memcmp (plt_contents + lazy_ibt_plt->plt_entry_size,
+ && (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,
 lazy_ibt_plt->pic_plt_entry,
 lazy_ibt_plt->plt_got_offset) == 0))
 plt_type = plt_lazy | plt_pic | plt_second;
@@ -6424,7 +6426,8 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 }
 
 if (non_lazy_plt != NULL
- && (plt_type == plt_unknown || plt_type == plt_non_lazy))
+ && (plt_type == plt_unknown || plt_type == plt_non_lazy)
+ && plt->size >= non_lazy_plt->plt_entry_size)
 {
 /* Match non-lazy PLT. */
 if (memcmp (plt_contents, non_lazy_plt->plt_entry,
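Review bot: The new size guard in the hunk at 6392 is derived from `lazy_plt` (`plt0_entry_size + plt_entry_size`), but the IBT comparisons inside the same block (hunks at 6401 and 6414) read `lazy_ibt_plt->plt0_entry_size + lazy_ibt_plt->plt_got_offset` bytes of `plt_contents`, so they are only covered if the IBT template's sizes never exceed the plain lazy template's, which this diff does not show. Either pin that invariant with a comment on the guard, e.g. `/* Also bounds the lazy IBT memcmp below: its plt0_entry_size + plt_got_offset must not exceed this sum.  */`, or make it explicit by adding `&& plt->size >= (lazy_ibt_plt->plt0_entry_size + lazy_ibt_plt->plt_got_offset)` to the two `lazy_ibt_plt != NULL` conditions. When the section is shorter than the guard, `plt_type` stays `plt_unknown` and control falls through to the non-lazy matchers; that looks intended but deserves a one-line comment. `elf_i386_get_synthetic_symtab` begins and ends outside these hunks.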
@@ -6436,7 +6439,8 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 }
 
 if ((non_lazy_ibt_plt != NULL)
- && (plt_type == plt_unknown || plt_type == plt_second))
+ && (plt_type == plt_unknown || plt_type == plt_second)
+ && plt->size >= non_lazy_ibt_plt->plt_entry_size)
 {
 if (memcmp (plt_contents,
 non_lazy_ibt_plt->plt_entry,
@@ -6494,6 +6498,9 @@ elf_i386_get_synthetic_symtab (bfd *abfd
 got_addr = (bfd_vma) -1;
 }
 
+ if (count == 0)
+ return -1;
+
 size = count * sizeof (asymbol);
 s = *ret = (asymbol *) bfd_zmalloc (size);
 if (s == NULL)
Only in binutils-2.29/bfd/: elf32-i386.c.orig
diff -rup binutils.orig/bfd/elf64-x86-64.c binutils-2.29/bfd/elf64-x86-64.c
--- binutils.orig/bfd/elf64-x86-64.c 2018-05-31 10:14:28.078641236 +0100
+++ binutils-2.29/bfd/elf64-x86-64.c 2018-05-31 10:15:25.284022632 +0100
@@ -6756,7 +6756,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 for (j = 0; plts[j].name != NULL; j++)
 {
 plt = bfd_get_section_by_name (abfd, plts[j].name);
- if (plt == NULL)
+ if (plt == NULL || plt->size == 0)
 continue;
 
 /* Get the PLT section contents. */
@@ -6772,7 +6772,9 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 
 /* Check what kind of PLT it is. */
 plt_type = plt_unknown;
- if (plts[j].type == plt_unknown)
+ if (plts[j].type == plt_unknown
+ && (plt->size >= (lazy_plt->plt_entry_size
+ + lazy_plt->plt_entry_size)))
 {
 /* Match lazy PLT first. Need to check the first two
 instructions. */
@@ -6800,7 +6802,8 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 }
 
 if (non_lazy_plt != NULL
- && (plt_type == plt_unknown || plt_type == plt_non_lazy))
+ && (plt_type == plt_unknown || plt_type == plt_non_lazy)
+ && plt->size >= non_lazy_plt->plt_entry_size)
 {
 /* Match non-lazy PLT. */
 if (memcmp (plt_contents, non_lazy_plt->plt_entry,
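Review bot: The early `return -1` added before the allocation in the hunk at 6494 makes "no PLT entries found" indistinguishable from the failure paths below it (the `if (s == NULL)` branch presumably also returns -1), so a reader has to know the BFD convention that callers treat any non-positive synthetic-symbol count as "nothing to add". A comment would spare them: `/* No PLT entries: nothing to synthesize.  Callers treat -1 as "no synthetic symbols".  */`. The same applies to the identical early return in elf64-x86-64.c at 6864. Both hunks sit in the middle of their functions, whose heads and tails are outside the diff.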
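Review bot: The lazy-PLT size guard in the elf64-x86-64.c hunk at 6772 adds `lazy_plt->plt_entry_size` to itself, whereas the corresponding i386 hunk at 6392 uses `lazy_plt->plt0_entry_size + lazy_plt->plt_entry_size`, and the code it protects matches PLT0 followed by the first entry, so `plt0_entry_size` looks like the intended first term. If every x86-64 lazy template has `plt0_entry_size == plt_entry_size` this is harmless, but I cannot confirm that from the diff, and the asymmetry between the two files will read as a bug to the next maintainer. Suggest `&& (plt->size >= (lazy_plt->plt0_entry_size + lazy_plt->plt_entry_size)))` to match the i386 side. `elf_x86_64_get_synthetic_symtab` starts and ends outside this hunk.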
@@ -6811,6 +6814,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 if (plt_type == plt_unknown || plt_type == plt_second)
 {
 if (non_lazy_bnd_plt != NULL
+ && plt->size >= non_lazy_bnd_plt->plt_entry_size
 && (memcmp (plt_contents, non_lazy_bnd_plt->plt_entry,
 non_lazy_bnd_plt->plt_got_offset) == 0))
 {
@@ -6819,6 +6823,7 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 non_lazy_plt = non_lazy_bnd_plt;
 }
 else if (non_lazy_ibt_plt != NULL
+ && plt->size >= non_lazy_ibt_plt->plt_entry_size
 && (memcmp (plt_contents,
 non_lazy_ibt_plt->plt_entry,
 non_lazy_ibt_plt->plt_got_offset) == 0))
@@ -6864,6 +6869,9 @@ elf_x86_64_get_synthetic_symtab (bfd *ab
 plts[j].contents = plt_contents;
 }
 
+ if (count == 0)
+ return -1;
+
 size = count * sizeof (asymbol);
 s = *ret = (asymbol *) bfd_zmalloc (size);
 if (s == NULL)
Only in binutils-2.29/bfd/: elf64-x86-64.c.orig
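Review bot: The bounds checks added at 6811 and 6819 compare `plt->size` against `plt_entry_size`, while the `memcmp` they protect reads `plt_got_offset` bytes; that is safe only because a GOT offset lies inside a single entry, an invariant of the template tables that is not stated anywhere near these checks (the same pattern is used in the non-lazy hunks at 6800, and in the i386 file at 6424 and 6436). A short comment on the first such check would make the intent auditable: `/* One full entry covers the plt_got_offset bytes memcmp reads.  */`. The enclosing `if (plt_type == plt_unknown || plt_type == plt_second)` block closes outside the hunk.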