readelf: Don't leak lengths array when detecting an invalid hash chain.

In both handle_sysv_hash and handle_sysv_hash64 we check the has chain
isn't too long. If it is we would report an error and leak the lengths
array. Just clean up the array even in the error case.

Signed-off-by: Mark Wielaard <mark@klomp.org>

diff --git a/src/ChangeLog b/src/ChangeLog
index 83c8532..65f9dc7 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,11 @@
 2018-06-05  Mark Wielaard  <mark@klomp.org>
 
+       * readelf.c (handle_sysv_hash): Don't leak lengths array when
+       detecting an invalid chain.
+       (handle_sysv_hash64): Likewise.
+
+2018-06-05  Mark Wielaard  <mark@klomp.org>
+
        * readelf.c (print_debug_macro_section): Extend vendor array by one
        to include max DW_MACRO_hi_user opcode.
 

diff --git a/src/readelf.c b/src/readelf.c
index 11a9b0e..233312f 100644 (file)
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -3213,7 +3213,12 @@ handle_sysv_hash (Ebl *ebl, Elf_Scn *scn, GElf_Shdr *shdr, size_t shstrndx)
          ++nsyms;
          ++chain_len;
          if (chain_len > nchain)
-           goto invalid_data;
+           {
+             error (0, 0, gettext ("invalid chain in sysv.hash section %d"),
+                    (int) elf_ndxscn (scn));
+             free (lengths);
+             return;
+           }
          if (maxlength < ++lengths[cnt])
            ++maxlength;
 
@@ -3274,7 +3279,12 @@ handle_sysv_hash64 (Ebl *ebl, Elf_Scn *scn, GElf_Shdr *shdr, size_t shstrndx)
          ++nsyms;
          ++chain_len;
          if (chain_len > nchain)
-           goto invalid_data;
+           {
+             error (0, 0, gettext ("invalid chain in sysv.hash64 section %d"),
+                    (int) elf_ndxscn (scn));
+             free (lengths);
+             return;
+           }
          if (maxlength < ++lengths[cnt])
            ++maxlength;