Fix a possible integer overflow problem when examining corrupt binaries using a 32-bit binutil.

PR 24005
	* objdump.c (load_specific_debug_section): Check for integer
	overflow before attempting to allocate contents.

binutils/ChangeLog

@@ -1,3 +1,9 @@
+2019-01-04  Nick Clifton  <nickc@redhat.com>
+
+	PR 24005
+	* objdump.c (load_specific_debug_section): Check for integer
+	overflow before attempting to allocate contents.
+
 2019-01-04  Nick Clifton  <nickc@redhat.com>
 
 	PR 24001
@@ -6,6 +12,7 @@
 	* objdump.c (dump_bfd): Free dhandle after printing out the debug
 	information.
 
+
 2019-01-01  Alan Modra  <amodra@gmail.com>
 
 	Update year range in copyright notice of all files.

binutils/objdump.c

@@ -2539,12 +2539,19 @@ load_specific_debug_section (enum dwarf_section_display_enum debug,
   section->reloc_info = NULL;
   section->num_relocs = 0;
   section->address = bfd_get_section_vma (abfd, sec);
+  section->user_data = sec;
   section->size = bfd_get_section_size (sec);
   amt = section->size + 1;
+  if (amt == 0 || amt > bfd_get_file_size (abfd))
+    {
+      section->start = NULL;
+      free_debug_section (debug);
+      printf (_("\nSection '%s' has an invalid size: %#llx.\n"),
+	      section->name, (unsigned long long) section->size);
+      return FALSE;
+    }
   section->start = contents = malloc (amt);
-  section->user_data = sec;
+  if (section->start == NULL
-  if (amt == 0
-      || section->start == NULL
       || !bfd_get_full_section_contents (abfd, sec, &contents))
     {
       free_debug_section (debug);