From f30d96d1c025d1a9c9453ed225f78d6b156da5f9 Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin" <hpa@linux.intel.com>
Date: Thu, 11 Feb 2016 20:20:10 -0800
Subject: outmac64.c: Fix memory clobber bug, clean up memory free

Fix an array that was way too small resulting in memory overwrite
errors, and free a few more dynamic data structures.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
 output/outmac64.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/output/outmac64.c b/output/outmac64.c
index 76fa7ad3..5c8a0dc6 100644
--- a/output/outmac64.c
+++ b/output/outmac64.c
@@ -1016,7 +1016,7 @@ static void macho_calculate_sizes (void)
     }
 
     /* Create a table of sections by file index to avoid linear search */
-    sectstab = nasm_malloc(seg_nsects64 + 1);
+    sectstab = nasm_malloc((seg_nsects64 + 1) * sizeof(*sectstab));
     sectstab[0] = NULL;
     for (s = sects, fi = 1; s != NULL; s = s->next, fi++)
 	sectstab[fi] = s;
@@ -1456,14 +1456,15 @@ static void macho_cleanup(int debuginfo)
     saa_free(strs);
     raa_free(extsyms);
 
-    if (syms) {
-    while (syms->next) {
+    while (syms) {
        sym = syms;
        syms = syms->next;
-
        nasm_free (sym);
     }
-}
+
+    nasm_free(extdefsyms);
+    nasm_free(undefsyms);
+    nasm_free(sectstab);
 }
 
 /* Debugging routines.  */
-- 
cgit v1.2.1