From 548227a55b97b2d48d7c41a1006e0691270d1d81 Mon Sep 17 00:00:00 2001
From: John Reiser
Date: Sat, 4 May 2024 09:56:34 -0700
Subject: [PATCH] mb_dt_offsets.clear() prevents undef from corrupted input

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66344&q=label%3AProj-upx

modified: p_lx_elf.cpp
---
 src/p_lx_elf.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
index 27f038ff..93334941 100644
--- a/src/p_lx_elf.cpp
+++ b/src/p_lx_elf.cpp
@@ -1989,6 +1989,7 @@ void PackLinuxElf32::sort_DT32_offsets(Elf32_Dyn const *const dynp0)
 {
 mb_dt_offsets.alloc(sizeof(unsigned) * sizeof(dt_keys)/sizeof(dt_keys[0]));
+ mb_dt_offsets.clear();
 dt_offsets = (unsigned *)mb_dt_offsets.getVoidPtr();
 unsigned n_off = 0, k;
 for (unsigned j=0; ((k = dt_keys[j]), k); ++j) {
@@ -7909,6 +7910,7 @@ void PackLinuxElf64::sort_DT64_offsets(Elf64_Dyn const *const dynp0)
 {
 mb_dt_offsets.alloc(sizeof(unsigned) * sizeof(dt_keys)/sizeof(dt_keys[0]));
+ mb_dt_offsets.clear();
 dt_offsets = (unsigned *)mb_dt_offsets.getVoidPtr();
 unsigned n_off = 0, k;
 for (unsigned j=0; ((k = dt_keys[j]), k); ++j) {
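Review bot: The added `mb_dt_offsets.clear();` in `PackLinuxElf32::sort_DT32_offsets` carries no comment saying why a zero-fill is needed immediately after `alloc()`, so a later cleanup could drop it as redundant and silently reintroduce the oss-fuzz 66344 read of uninitialized memory; the commit title is the only record of the reason. I would annotate the line: `// zero-fill: dt_offsets[] slots the loop below never writes (dynamic tags absent from a corrupted input) would otherwise be read uninitialized; see oss-fuzz 66344`. Zeroing also makes 0 the implicit "not found" value for those slots, which is only sound if a genuine offset of 0 can never be stored in `dt_offsets[]` — worth confirming against the loop body and the readers of `dt_offsets`, which lie outside this hunk. The rest of `sort_DT32_offsets` continues past the hunk, and its signature line precedes it.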
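Review bot: The `alloc()`/`clear()` pair in `PackLinuxElf64::sort_DT64_offsets` is now a verbatim copy of the one in the 32-bit variant (same `unsigned` element type, same `dt_keys` sizing), and a fuzz fix that has to be applied by hand in two places invites the two copies to drift the next time either is touched. Since both hunks reference the same `mb_dt_offsets` and `dt_keys` members, they appear to live in a shared base; a small helper there, with body `mb_dt_offsets.alloc(sizeof(unsigned) * sizeof(dt_keys)/sizeof(dt_keys[0])); mb_dt_offsets.clear();`, called from both sorters would keep the zero-fill in one place. I cannot see the class hierarchy or whether `MemBuffer::alloc` can zero-fill on its own, so treat the exact placement as a suggestion. The remainder of `sort_DT64_offsets` is outside the hunk.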