From 92bcd04fcd97f261ff40e9248e00a1dbebf3a536 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Tue, 27 May 2025 03:37:50 -0700
Subject: [PATCH] Backport fix for PR 32644(CVE-2025-1182)

Fix another illegal memory access triggered by corrupt ELF input files.

PR 32644

(cherry picked from commit:b425859021d17adf62f06fb904797cf8642986ad)
Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141415.html]
CVE: CVE-2025-1182

Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
---
 bfd/elflink.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bfd/elflink.c b/bfd/elflink.c
index 6346d7e2b4b..a0b237b2224 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -15084,6 +15084,10 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie)
 	}
       else
 	{
+	  if (r_symndx >= rcookie->locsymcount)
+	    /* This can happen with corrupt input.  */
+	    return false;
+
 	  /* It's not a relocation against a global symbol,
 	     but it could be a relocation against a local
 	     symbol for a discarded section.  */
-- 
2.49.0