From af1461c41e2460f3675d7323a05c4e06bcab5cb5 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@bigpond.net.au>
Date: Fri, 16 Oct 2009 07:14:42 +0000
Subject: [PATCH] 	PR binutils/10785 	* coff-alpha.c
 (alpha_ecoff_get_elt_at_filepos): Don't bfd_alloc 	bim and bim->buffer. 
 bfd_malloc instead. 	* peicode.h (pe_ILF_build_a_bfd): Similarly. 
 (ILF_DATA_SIZE): Don't include bim. 	* opncls.c (bfd_close): Test
 bim->buffer non-NULL before freeing.

---
 bfd/ChangeLog    |  9 +++++++++
 bfd/coff-alpha.c | 11 ++++++-----
 bfd/opncls.c     |  4 +++-
 bfd/peicode.h    | 28 +++++++++++++++++-----------
 4 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 3a9a823b5f..bff11d99c0 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,12 @@
+2009-10-16  Alan Modra  <amodra@bigpond.net.au>
+
+	PR binutils/10785
+	* coff-alpha.c (alpha_ecoff_get_elt_at_filepos): Don't bfd_alloc
+	bim and bim->buffer.  bfd_malloc instead.
+	* peicode.h (pe_ILF_build_a_bfd): Similarly.
+	(ILF_DATA_SIZE): Don't include bim.
+	* opncls.c (bfd_close): Test bim->buffer non-NULL before freeing.
+
 2009-10-14  Alan Modra  <amodra@bigpond.net.au>
 
 	* aoutx.h (aout_link_check_ar_symbols): Typo fix.
diff --git a/bfd/coff-alpha.c b/bfd/coff-alpha.c
index cd69043a26..0d67264cf8 100644
--- a/bfd/coff-alpha.c
+++ b/bfd/coff-alpha.c
@@ -2120,6 +2120,7 @@ alpha_ecoff_get_elt_at_filepos (archive, filepos)
   bfd_byte *buf, *p;
   struct bfd_in_memory *bim;
 
+  buf = NULL;
   nbfd = _bfd_get_elt_at_filepos (archive, filepos);
   if (nbfd == NULL)
     goto error_return;
@@ -2151,16 +2152,14 @@ alpha_ecoff_get_elt_at_filepos (archive, filepos)
     goto error_return;
   size = H_GET_64 (nbfd, ab);
 
-  if (size == 0)
-    buf = NULL;
-  else
+  if (size != 0)
     {
       bfd_size_type left;
       bfd_byte dict[4096];
       unsigned int h;
       bfd_byte b;
 
-      buf = (bfd_byte *) bfd_alloc (nbfd, size);
+      buf = (bfd_byte *) bfd_malloc (size);
       if (buf == NULL)
 	goto error_return;
       p = buf;
@@ -2214,7 +2213,7 @@ alpha_ecoff_get_elt_at_filepos (archive, filepos)
 
   /* Now the uncompressed file contents are in buf.  */
   bim = ((struct bfd_in_memory *)
-	 bfd_alloc (nbfd, (bfd_size_type) sizeof (struct bfd_in_memory)));
+	 bfd_malloc ((bfd_size_type) sizeof (struct bfd_in_memory)));
   if (bim == NULL)
     goto error_return;
   bim->size = size;
@@ -2230,6 +2229,8 @@ alpha_ecoff_get_elt_at_filepos (archive, filepos)
   return nbfd;
 
  error_return:
+  if (buf != NULL)
+    free (buf);
   if (nbfd != NULL)
     bfd_close (nbfd);
   return NULL;
diff --git a/bfd/opncls.c b/bfd/opncls.c
index a0374e31dc..3337efe0e8 100644
--- a/bfd/opncls.c
+++ b/bfd/opncls.c
@@ -709,7 +709,9 @@ bfd_close (bfd *abfd)
 	 vector.
 	 Until that's done, at least don't leak memory.  */
       struct bfd_in_memory *bim = (struct bfd_in_memory *) abfd->iostream;
-      free (bim->buffer);
+
+      if (bim->buffer != NULL)
+	free (bim->buffer);
       free (bim);
       ret = TRUE;
     }
diff --git a/bfd/peicode.h b/bfd/peicode.h
index 8be8e70ed6..8f25ef9b33 100644
--- a/bfd/peicode.h
+++ b/bfd/peicode.h
@@ -422,7 +422,6 @@ pe_bfd_copy_private_bfd_data (bfd *ibfd, bfd *obfd)
 #define SIZEOF_ILF_SECTIONS     (NUM_ILF_SECTIONS * sizeof (struct coff_section_tdata))
 
 #define ILF_DATA_SIZE				\
-      sizeof (* vars.bim)			\
     + SIZEOF_ILF_SYMS				\
     + SIZEOF_ILF_SYM_TABLE			\
     + SIZEOF_ILF_NATIVE_SYMS			\
@@ -780,15 +779,16 @@ pe_ILF_build_a_bfd (bfd *           abfd,
 
      We are going to construct the contents of the BFD in memory,
      so allocate all the space that we will need right now.  */
-  ptr = (bfd_byte *) bfd_zalloc (abfd, (bfd_size_type) ILF_DATA_SIZE);
-  if (ptr == NULL)
+  vars.bim
+    = (struct bfd_in_memory *) bfd_malloc ((bfd_size_type) sizeof (*vars.bim));
+  if (vars.bim == NULL)
     return FALSE;
 
-  /* Create a bfd_in_memory structure.  */
-  vars.bim = (struct bfd_in_memory *) ptr;
+  ptr = (bfd_byte *) bfd_zmalloc ((bfd_size_type) ILF_DATA_SIZE);
   vars.bim->buffer = ptr;
   vars.bim->size   = ILF_DATA_SIZE;
-  ptr += sizeof (* vars.bim);
+  if (ptr == NULL)
+    goto error_return;
 
   /* Initialise the pointers to regions of the memory and the
      other contents of the pe_ILF_vars structure as well.  */
@@ -842,7 +842,7 @@ pe_ILF_build_a_bfd (bfd *           abfd,
   id4 = pe_ILF_make_a_section (& vars, ".idata$4", SIZEOF_IDATA4, 0);
   id5 = pe_ILF_make_a_section (& vars, ".idata$5", SIZEOF_IDATA5, 0);
   if (id4 == NULL || id5 == NULL)
-    return FALSE;
+    goto error_return;
 
   /* Fill in the contents of these sections.  */
   if (import_name_type == IMPORT_ORDINAL)
@@ -869,7 +869,7 @@ pe_ILF_build_a_bfd (bfd *           abfd,
       /* Create .idata$6 - the Hint Name Table.  */
       id6 = pe_ILF_make_a_section (& vars, ".idata$6", SIZEOF_IDATA6, 0);
       if (id6 == NULL)
-	return FALSE;
+	goto error_return;
 
       /* If necessary, trim the import symbol name.  */
       symbol = symbol_name;
@@ -936,7 +936,7 @@ pe_ILF_build_a_bfd (bfd *           abfd,
       /* Create the .text section.  */
       text = pe_ILF_make_a_section (& vars, ".text", jtab[i].size, SEC_CODE);
       if (text == NULL)
-	return FALSE;
+	goto error_return;
 
       /* Copy in the jump code.  */
       memcpy (text->contents, jtab[i].data, jtab[i].size);
@@ -985,10 +985,10 @@ pe_ILF_build_a_bfd (bfd *           abfd,
 
   if (   ! bfd_set_start_address (abfd, (bfd_vma) 0)
       || ! bfd_coff_set_arch_mach_hook (abfd, & internal_f))
-    return FALSE;
+    goto error_return;
 
   if (bfd_coff_mkobject_hook (abfd, (void *) & internal_f, NULL) == NULL)
-    return FALSE;
+    goto error_return;
 
   coff_data (abfd)->pe = 1;
 #ifdef THUMBPEMAGIC
@@ -1050,6 +1050,12 @@ pe_ILF_build_a_bfd (bfd *           abfd,
   abfd->flags |= HAS_SYMS;
 
   return TRUE;
+
+ error_return:
+  if (vars.bim->buffer != NULL)
+    free (vars.bim->buffer);
+  free (vars.bim);
+  return FALSE;
 }
 
 /* We have detected a Image Library Format archive element.
-- 
2.11.0