author | Alan Modra <amodra@gmail.com> | 2021-01-04 10:19:14 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2021-01-04 11:08:05 +1030 |
commit | e9cf3691bfa140469d52815a2307b00eecf7917c (patch) | |
tree | 5a08c301a555a464e6b84b140587af87966c36e5 /bfd/elfxx-riscv.c | |
parent | a7c23ac9317e590893906a4b425ea1344eafdc52 (diff) | |
PR26741, benign use after free in riscv_parse_prefixed_ext
ISO/IEC 9899:1999 C standard "J.2 Undefined behavior" says the
following is undefined behaviour:
"The value of a pointer that refers to space deallocated by a call to
the free or realloc function is used (7.20.3)."
PR 26741
* elfxx-riscv.c (riscv_parse_prefixed_ext): Free subset after
calculating subset version length.
Diffstat (limited to 'bfd/elfxx-riscv.c')
-rw-r--r-- | bfd/elfxx-riscv.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bfd/elfxx-riscv.c b/bfd/elfxx-riscv.c index 9d7f606..101e27f 100644 --- a/bfd/elfxx-riscv.c +++ b/bfd/elfxx-riscv.c @@ -1572,8 +1572,8 @@ riscv_parse_prefixed_ext (riscv_parse_subset_t *rps, riscv_parse_add_subset (rps, subset, major_version, minor_version, FALSE); - free (subset); p += end_of_version - subset; + free (subset); if (*p != '\0' && *p != '_') { |
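Review bot: The relocated free (subset) directly after p += end_of_version - subset carries no comment saying why the order matters, so a later cleanup could move it back above the subtraction. A one-line comment at that spot would keep the ordering in place, for example noting that the subtraction reads the value of subset, and that end_of_version is subtracted from it and so is expected to point into the same buffer. After the free, both subset and end_of_version are dangling. The code following the if (*p != '\0' && *p != '_') check is not visible in this hunk, so it is worth confirming that nothing further down in riscv_parse_prefixed_ext reads either pointer again.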