diff -rup binutils-2.23.52.0.1.orig/bfd/archive.c binutils-2.23.52.0.1/bfd/archive.c
--- binutils-2.23.52.0.1.orig/bfd/archive.c 2015-06-29 15:44:32.451766994 +0100
+++ binutils-2.23.52.0.1/bfd/archive.c 2015-06-29 15:45:34.835157059 +0100
@@ -1299,6 +1299,8 @@ _bfd_slurp_extended_name_table (bfd *abf
 {
 byebye:
 free (namedata);
+ bfd_ardata (abfd)->extended_names = NULL;
+ bfd_ardata (abfd)->extended_names_size = 0;
 return FALSE;
 }
--- binutils-2.23.52.0.1.orig/bfd/archive.c 2015-10-13 15:04:39.212512284 +0100
+++ binutils-2.23.52.0.1/bfd/archive.c 2015-10-13 15:06:44.960238452 +0100
@@ -1292,6 +1292,9 @@ _bfd_slurp_extended_name_table (bfd *abf
 amt = namedata->parsed_size;
 if (amt + 1 == 0)
 goto byebye;
+ /* PR binutils/17533: A corrupt archive can contain an invalid size. */
+ if (amt > (bfd_size_type) bfd_get_size (abfd))
+ goto byebye;
 bfd_ardata (abfd)->extended_names_size = amt;
 bfd_ardata (abfd)->extended_names = (char *) bfd_zalloc (abfd, amt + 1);
@@ -1309,7 +1312,6 @@ _bfd_slurp_extended_name_table (bfd *abf
 if (bfd_get_error () != bfd_error_system_call)
 bfd_set_error (bfd_error_malformed_archive);
 bfd_release (abfd, (bfd_ardata (abfd)->extended_names));
- bfd_ardata (abfd)->extended_names = NULL;
 goto byebye;
 }
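Review bot: The two resets added under `byebye:` in the first hunk (@@ -1299) carry no comment saying why they are there, and the label alone does not explain it. Because the last hunk removes the `extended_names = NULL` that followed `bfd_release`, this is now the only visible place that clears the released pointer and the size recorded before the allocation. A short comment above them, such as `/* Failure paths land here: do not leave a released pointer or a stale size in the archive data.  */`, would keep a later edit from dropping them. The enclosing function starts and ends outside the hunk.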
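Review bot: The size check added in the @@ -1292 hunk jumps to `byebye` without setting an error, so the caller gets FALSE with whatever BFD error happened to be set before; the failure path shown in the following hunk sets `bfd_error_malformed_archive`, and this one should do the same with `{ bfd_set_error (bfd_error_malformed_archive); goto byebye; }`. The existing `amt + 1 == 0` branch just above appears to have the same gap. If `bfd_get_size` can return 0 when the size cannot be determined (worth confirming for this BFD version), the comparison would reject every archive with an extended name table on such input, so a non-zero test on the returned size before comparing is worth adding. The bound is the whole file size rather than the bytes left after the current offset, so it caps the allocation made from the untrusted `parsed_size` field but still relies on the later read check to catch a short table.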