[BUG] A use after free bug in rdfload.c

[ShangzhiXu]

File: rdfload.c
Bug Function: rdfload/rdf_relocate
Version: Git-master/nasm-2.15.05

Description: I'll use the Git-master version as an example. In rdfload [rdfload.c, line 56], which is called by main() [rdx.c, line56].

 m = rdfload(argv[1]);

Then, at [rdfload.c, line 111]:

rdfclose(&f->f);

freed &f->f and later returned f to m in main() [rdx.c, line56] above.
Then in main() [rdx.c, line 72]. :

rdf_relocate(m); 

It is likely to cause a UAF bug in the fprintf[rdfload.c, line 206] .

 fprintf(stderr, "%s: segment relocation not supported by this "
                    "loader\n", m->f.name);