Memory leak in process_abbrev_set

We may have added some abbrevs to the list before hitting an error.
Free the list elements too.  free_abbrev_list returns list->next so we
need to init it earlier to avoid an uninitialised memory access.

	* dwarf.c (process_abbrev_set): Call free_abbrev_list on errors.
	Set list->next earlier.

diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index d6fc9fe991c2a57e97ed0b33cd52c877552658b6..d08f01cab79076b2d3e6f27f7de442d33c3b9271 100644 (file)
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -990,6 +990,7 @@ process_abbrev_set (struct dwarf_section *section,
   list->first_abbrev = NULL;
   list->last_abbrev = NULL;
   list->raw = start;
+  list->next = NULL;
 
   while (start < end)
     {
@@ -1005,17 +1006,13 @@ process_abbrev_set (struct dwarf_section *section,
         the caller.  */
       if (start == end || entry == 0)
        {
-         list->next = NULL;
          list->start_of_next_abbrevs = start != end ? start : NULL;
          return list;
        }
 
       READ_ULEB (tag, start, end);
       if (start == end)
-       {
-         free (list);
-         return NULL;
-       }
+       return free_abbrev_list (list);
 
       children = *start++;
 
@@ -1050,8 +1047,7 @@ process_abbrev_set (struct dwarf_section *section,
   /* Report the missing single zero which ends the section.  */
   error (_("%s section not zero terminated\n"), section->name);
 
-  free (list);
-  return NULL;
+  return free_abbrev_list (list);
 }
 
 /* Return a sequence of abbrevs in SECTION starting at ABBREV_BASE