asan: readelf: memory leaks

Message ID 20200314065310.GG23597@bubble.grove.modra.org
State New
Headers show
Series
  • asan: readelf: memory leaks
Related show

Commit Message

Jose E. Marchesi via Binutils March 14, 2020, 6:53 a.m.
* readelf.c (dump_section_as_strings): Free memory on error exit.
	(dump_section_as_bytes, process_notes_at): Likewise.
	(get_build_id): Free enote.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/binutils/readelf.c b/binutils/readelf.c
index f36883cb64..b106e8c816 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -13682,7 +13682,7 @@  dump_section_as_strings (Elf_Internal_Shdr * section, Filedata * filedata)
 	    {
 	      warn (_("section '%s' has unsupported compress type: %d\n"),
 		    printable_section_name (filedata, section), chdr.ch_type);
-	      return FALSE;
+	      goto error_out;
 	    }
 	  uncompressed_size = chdr.ch_size;
 	  start += compression_header_size;
@@ -13714,7 +13714,7 @@  dump_section_as_strings (Elf_Internal_Shdr * section, Filedata * filedata)
 	    {
 	      error (_("Unable to decompress section %s\n"),
 		     printable_section_name (filedata, section));
-	      return FALSE;
+	      goto error_out;
 	    }
 	}
       else
@@ -13850,6 +13850,10 @@  dump_section_as_strings (Elf_Internal_Shdr * section, Filedata * filedata)
 
   putchar ('\n');
   return TRUE;
+
+error_out:
+  free (real_start);
+  return FALSE;
 }
 
 static bfd_boolean
@@ -13889,7 +13893,7 @@  dump_section_as_bytes (Elf_Internal_Shdr *  section,
 	    {
 	      warn (_("section '%s' has unsupported compress type: %d\n"),
 		    printable_section_name (filedata, section), chdr.ch_type);
-	      return FALSE;
+	      goto error_out;
 	    }
 	  uncompressed_size = chdr.ch_size;
 	  start += compression_header_size;
@@ -13924,7 +13928,7 @@  dump_section_as_bytes (Elf_Internal_Shdr *  section,
 	      error (_("Unable to decompress section %s\n"),
 		     printable_section_name (filedata, section));
 	      /* FIXME: Print the section anyway ?  */
-	      return FALSE;
+	      goto error_out;
 	    }
 	}
       else
@@ -13934,7 +13938,7 @@  dump_section_as_bytes (Elf_Internal_Shdr *  section,
   if (relocate)
     {
       if (! apply_relocations (filedata, section, start, section_size, NULL, NULL))
-	return FALSE;
+	goto error_out;
     }
   else
     {
@@ -14004,6 +14008,10 @@  dump_section_as_bytes (Elf_Internal_Shdr *  section,
 
   putchar ('\n');
   return TRUE;
+
+ error_out:
+  free (real_start);
+  return FALSE;
 }
 
 static ctf_sect_t *
@@ -14317,7 +14325,10 @@  get_build_id (void * data)
       if (align < 4)
         align = 4;
       else if (align != 4 && align != 8)
-        continue;
+	{
+	  free (enote);
+	  continue;
+	}
 
       end = (char *) enote + length;
       data_remaining = end - (char *) enote;
@@ -14330,6 +14341,7 @@  get_build_id (void * data)
 	      warn (_("\
 malformed note encountered in section %s whilst scanning for build-id note\n"),
 		    printable_section_name (filedata, shdr));
+	      free (enote);
               continue;
             }
           data_remaining -= min_notesz;
@@ -14356,6 +14368,7 @@  malformed note encountered in section %s whilst scanning for build-id note\n"),
 	      warn (_("\
 malformed note encountered in section %s whilst scanning for build-id note\n"),
 		    printable_section_name (filedata, shdr));
+	      free (enote);
               continue;
             }
           data_remaining -= min_notesz;
@@ -14380,6 +14393,7 @@  malformed note encountered in section %s whilst scanning for build-id note\n"),
 	  warn (_("\
 malformed note encountered in section %s whilst scanning for build-id note\n"),
 		printable_section_name (filedata, shdr));
+	  free (enote);
           continue;
         }
 
@@ -14394,14 +14408,19 @@  malformed note encountered in section %s whilst scanning for build-id note\n"),
 
           build_id = malloc (inote.descsz * 2 + 1);
           if (build_id == NULL)
-	    return NULL;
+	    {
+	      free (enote);
+	      return NULL;
+	    }
 
           for (j = 0; j < inote.descsz; ++j)
             sprintf (build_id + (j * 2), "%02x", inote.descdata[j] & 0xff);
           build_id[inote.descsz * 2] = '\0';
+	  free (enote);
 
           return (unsigned char *) build_id;
         }
+      free (enote);
     }
 
   return NULL;
@@ -19425,7 +19444,10 @@  process_notes_at (Filedata *           filedata,
       if (pnotes)
 	{
 	  if (! apply_relocations (filedata, section, (unsigned char *) pnotes, length, NULL, NULL))
-	    return FALSE;
+	    {
+	      free (pnotes);
+	      return FALSE;
+	    }
 	}
     }
   else