--- /dev/null
+From 919383ac718c2a3187ee2a9ad659daa22da26258 Mon Sep 17 00:00:00 2001
+From: "Maciej W. Rozycki" <macro@imgtec.com>
+Date: Wed, 12 Apr 2017 00:02:13 +0100
+Subject: [PATCH] MIPS/readelf: Remove extraneous null GOT data check
+
+Null data is handled gracefully throughout in MIPS GOT processing, with
+addresses printed normally and unavailable data shown as `<unknown>' by
+`print_mips_got_entry', and special processing code for GOT[1] doing an
+explicit check. Remove an unwanted null GOT data check then, introduced
+with commit 592458412fb2 in the course of addressing PR binutils/12855.
+
+ binutils/
+ * readelf.c (process_mips_specific): Remove null GOT data check.
+
+Upstream-Status: Backport
+CVE: CVE-2017-9041 patch #1
+VER: <= 2.28
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ binutils/ChangeLog | 4 ++++
+ binutils/readelf.c | 3 +--
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+Index: git/binutils/readelf.c
+===================================================================
+--- git.orig/binutils/readelf.c
++++ git/binutils/readelf.c
+@@ -14995,8 +14995,8 @@ process_mips_specific (FILE * file)
+ data = (unsigned char *) get_data (NULL, file, offset,
+ global_end - pltgot, 1,
+ _("Global Offset Table data"));
+- if (data == NULL)
+- return 0;
++
++ /* PR 12855: Null data is handled gracefully throughout. */
+ data_end = data + (global_end - pltgot);
+
+ printf (_("\nPrimary GOT:\n"));
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog
++++ git/bfd/ChangeLog
+@@ -1,3 +1,7 @@
++2017-04-25 Maciej W. Rozycki <macro@imgtec.com>
++
++ * readelf.c (process_mips_specific): Remove null GOT data check.
++
+ 2017-04-13 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/21379
--- /dev/null
+From c4ab9505b53cdc899506ed421fddb7e1f8faf7a3 Mon Sep 17 00:00:00 2001
+From: "Maciej W. Rozycki" <macro@imgtec.com>
+Date: Wed, 12 Apr 2017 00:03:41 +0100
+Subject: [PATCH] MIPS/readelf: Simplify GOT[1] data availability check
+
+Unavailable data is handled gracefully in MIPS GOT processing done by
+`print_mips_got_entry', so all that is needed in special GOT[1] handling
+is to verify whether data can be retrieved for the purpose of the GNU
+marker check done with `byte_get'. Remove the extra error reporting
+code then, introduced with commit 75ec1fdbb797 ("Fix runtime seg-fault
+in readelf when parsing a corrupt MIPS binary.") in the course of
+addressing PR binutils/21344, and defer the error case to regular local
+GOT entry processing.
+
+ binutils/
+ * readelf.c (process_mips_specific): Remove error reporting from
+ GOT[1] processing.
+
+Upstream-Status: Backport
+CVE: CVE-2017-9041
+VER: <= 2.28
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ binutils/ChangeLog | 5 +++++
+ binutils/readelf.c | 32 ++++++++++++++------------------
+ 2 files changed, 19 insertions(+), 18 deletions(-)
+
+Index: git/binutils/readelf.c
+===================================================================
+--- git.orig/binutils/readelf.c
++++ git/binutils/readelf.c
+@@ -15013,24 +15013,20 @@ process_mips_specific (FILE * file)
+ if (ent == (bfd_vma) -1)
+ goto got_print_fail;
+
+- if (data)
++ /* Check for the MSB of GOT[1] being set, denoting a GNU object.
++ This entry will be used by some runtime loaders, to store the
++ module pointer. Otherwise this is an ordinary local entry.
++ PR 21344: Check for the entry being fully available before
++ fetching it. */
++ if (data
++ && data + ent - pltgot + addr_size <= data_end
++ && (byte_get (data + ent - pltgot, addr_size)
++ >> (addr_size * 8 - 1)) != 0)
+ {
+- /* PR 21344 */
+- if (data + ent - pltgot > data_end - addr_size)
+- {
+- error (_("Invalid got entry - %#lx - overflows GOT table\n"),
+- (long) ent);
+- goto got_print_fail;
+- }
+-
+- if (byte_get (data + ent - pltgot, addr_size)
+- >> (addr_size * 8 - 1) != 0)
+- {
+- ent = print_mips_got_entry (data, pltgot, ent, data_end);
+- printf (_(" Module pointer (GNU extension)\n"));
+- if (ent == (bfd_vma) -1)
+- goto got_print_fail;
+- }
++ ent = print_mips_got_entry (data, pltgot, ent, data_end);
++ printf (_(" Module pointer (GNU extension)\n"));
++ if (ent == (bfd_vma) -1)
++ goto got_print_fail;
+ }
+ printf ("\n");
+
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog
++++ git/bfd/ChangeLog
+@@ -1,4 +1,9 @@
+ 2017-04-25 Maciej W. Rozycki <macro@imgtec.com>
++
++ * readelf.c (process_mips_specific): Remove error reporting from
++ GOT[1] processing.
++
++2017-04-25 Maciej W. Rozycki <macro@imgtec.com>
+
+ * readelf.c (process_mips_specific): Remove null GOT data check.
+
