From 182ec6707c9fcca84d488413d4ddbbd9d12639fe Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Fri, 28 Feb 2020 13:02:42 +1030
Subject: [PATCH] alpha-vms: memory leak

	* vms-lib.c (_bfd_vms_lib_archive_p): Free memory on error paths.
---
 bfd/ChangeLog |  4 ++++
 bfd/vms-lib.c | 16 ++++++++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 57e6b7c923..157bff688f 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,7 @@
+2020-02-28  Alan Modra  <amodra@gmail.com>
+
+	* vms-lib.c (_bfd_vms_lib_archive_p): Free memory on error paths.
+
 2020-02-28  Alan Modra  <amodra@gmail.com>
 
 	* vms-alpha.c (alpha_vms_object_p): Use _bfd_malloc_and_read.
diff --git a/bfd/vms-lib.c b/bfd/vms-lib.c
index 29e213f8c3..65fd70a720 100644
--- a/bfd/vms-lib.c
+++ b/bfd/vms-lib.c
@@ -623,12 +623,16 @@ _bfd_vms_lib_archive_p (bfd *abfd, enum vms_lib_kind kind)
 
 	  if (sbm_off > reclen
 	      || reclen - sbm_off < sizeof (struct vms_dcxsbm))
-	    goto err;
+	    {
+	    err_free_buf:
+	      free (buf);
+	      goto err;
+	    }
 	  sbm = (struct vms_dcxsbm *) (buf + sbm_off);
 	  sbm_sz = bfd_getl16 (sbm->size);
 	  sbm_off += sbm_sz;
 	  if (sbm_off > reclen)
-	    goto err;
+	    goto err_free_buf;
 
 	  sbmdesc->min_char = sbm->min_char;
 	  BFD_ASSERT (sbmdesc->min_char == 0);
@@ -638,25 +642,25 @@ _bfd_vms_lib_archive_p (bfd *abfd, enum vms_lib_kind kind)
 	  if (sbm_sz < sizeof (struct vms_dcxsbm) + l + sbm_len
 	      || (tdata->nbr_dcxsbm > 1
 		  && sbm_sz < sizeof (struct vms_dcxsbm) + l + 3 * sbm_len))
-	    goto err;
+	    goto err_free_buf;
 	  sbmdesc->flags = (unsigned char *)bfd_alloc (abfd, l);
 	  off = bfd_getl16 (sbm->flags);
 	  if (off > sbm_sz
 	      || sbm_sz - off < l)
-	    goto err;
+	    goto err_free_buf;
 	  memcpy (sbmdesc->flags, (bfd_byte *) sbm + off, l);
 	  sbmdesc->nodes = (unsigned char *)bfd_alloc (abfd, 2 * sbm_len);
 	  off = bfd_getl16 (sbm->nodes);
 	  if (off > sbm_sz
 	      || sbm_sz - off < 2 * sbm_len)
-	    goto err;
+	    goto err_free_buf;
 	  memcpy (sbmdesc->nodes, (bfd_byte *) sbm + off, 2 * sbm_len);
 	  off = bfd_getl16 (sbm->next);
 	  if (off != 0)
 	    {
 	      if (off > sbm_sz
 		  || sbm_sz - off < 2 * sbm_len)
-		goto err;
+		goto err_free_buf;
 	      /* Read the 'next' array.  */
 	      sbmdesc->next = (unsigned short *) bfd_alloc (abfd, 2 * sbm_len);
 	      buf1 = (bfd_byte *) sbm + off;
-- 
2.34.1