Remove a double free in the BFD library triggered when parsing a corrupt file.
PR 25687 * elf.c (_bfd_elf_slurp_secondary_reloc_section): Remove redundant free. Add free on another failure path.
This commit is contained in:
parent
a225c9a869
commit
ecbbbdba71
|
@ -1,3 +1,9 @@
|
|||
2020-03-17 Nick Clifton <nickc@redhat.com>
|
||||
|
||||
PR 25687
|
||||
* elf.c (_bfd_elf_slurp_secondary_reloc_section): Remove redundant
|
||||
free. Add free on another failure path.
|
||||
|
||||
2020-03-16 Alan Modra <amodra@gmail.com>
|
||||
|
||||
PR 25675
|
||||
|
|
|
@ -12454,6 +12454,7 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
|
|||
reloc_count = NUM_SHDR_ENTRIES (hdr);
|
||||
if (_bfd_mul_overflow (reloc_count, sizeof (arelent), & amt))
|
||||
{
|
||||
free (native_relocs);
|
||||
bfd_set_error (bfd_error_file_too_big);
|
||||
result = FALSE;
|
||||
continue;
|
||||
|
@ -12472,7 +12473,8 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
|
|||
!= hdr->sh_size))
|
||||
{
|
||||
free (native_relocs);
|
||||
free (internal_relocs);
|
||||
/* The internal_relocs will be freed when
|
||||
the memory for the bfd is released. */
|
||||
result = FALSE;
|
||||
continue;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue