diff --git a/include/llvm/Object/ELF.h b/include/llvm/Object/ELF.h
index c06fa75231b..31f42f5f50c 100644
--- a/include/llvm/Object/ELF.h
+++ b/include/llvm/Object/ELF.h
@@ -399,9 +399,11 @@ ELFFile<ELFT>::getSection(uint32_t Index) const {
   if (Index >= getNumSections())
     return object_error::invalid_section_index;
 
-  return reinterpret_cast<const Elf_Shdr *>(
-      reinterpret_cast<const char *>(SectionHeaderTable) +
-      (Index * Header->e_shentsize));
+  const uint8_t *Addr = reinterpret_cast<const uint8_t *>(SectionHeaderTable) +
+                        (Index * Header->e_shentsize);
+  if (Addr >= base() + getBufSize())
+    return object_error::invalid_section_index;
+  return reinterpret_cast<const Elf_Shdr *>(Addr);
 }
 
 template <class ELFT>
diff --git a/test/Object/Inputs/invalid-section-index2.elf b/test/Object/Inputs/invalid-section-index2.elf
new file mode 100644
index 00000000000..7667637519c
Binary files /dev/null and b/test/Object/Inputs/invalid-section-index2.elf differ
diff --git a/test/Object/invalid.test b/test/Object/invalid.test
index 9f5587422d1..d940789b6dc 100644
--- a/test/Object/invalid.test
+++ b/test/Object/invalid.test
@@ -41,7 +41,7 @@ RUN: not llvm-readobj --dyn-symbols %p/Inputs/invalid-sh_entsize.elf 2>&1 | File
 INVALID-DYNSYM-SIZE: Invalid entity size
 
 RUN: not llvm-readobj -t %p/Inputs/invalid-section-index.elf 2>&1 | FileCheck --check-prefix=INVALID-SECTION-INDEX %s
-
+RUN: not llvm-readobj -t %p/Inputs/invalid-section-index2.elf 2>&1 | FileCheck --check-prefix=INVALID-SECTION-INDEX %s
 INVALID-SECTION-INDEX: Invalid section index
 
 RUN: not llvm-readobj -s %p/Inputs/invalid-section-size.elf 2>&1 | FileCheck --check-prefix=INVALID-SECTION-SIZE %s