CVE-2022-38126: Memory leak in binutils BFD read_abbrevs() — unlinked cur_abbrev->attrs not freed on bfd_realloc failure
In bfd/dwarf2.c, the function read_abbrevs() leaks heap memory when bfd_realloc() fails while growing the attribute array (cur_abbrev->attrs) for a DWARF abbreviation entry that has NOT yet been linked into the abbrevs[] hash table.
Root cause: cur_abbrev (bfd_zalloc'd) is linked into abbrevs[] only AFTER the inner for(;;) attribute loop completes (lines 1116-1118). If bfd_realloc fails inside that loop (lines 1101-1103), execution jumps to the fail label. The fail block only iterates abbrevs[], so it never sees cur_abbrev, and cur_abbrev->attrs (a regular-heap allocation from the previous successful bfd_realloc call) is leaked permanently.
Secondary issue: the fail block also calls free(abbrevs) on bfd_zalloc'd (objalloc) memory, which is undefined behavior.
Triggerable by a crafted ELF/DWARF file with an abbreviation entry containing more than ATTR_ALLOC_CHUNK (typically 4) attributes, forcing the second realloc chunk allocation.
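The following is an added example, not code from binutils. It is a small self-contained model of the read_abbrevs() allocation pattern described above: abbreviation nodes and the hash table come from an arena that stands in for bfd_zalloc/objalloc memory, attribute arrays are grown in ATTR_ALLOC_CHUNK steps through an instrumented realloc that can be told to fail on a chosen call, and a `fixed` flag selects between the leaking failure path and one that releases the orphaned attrs array before jumping to fail. The hash size, the arena, the counter names and the constructed attribute counts are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ATTR_ALLOC_CHUNK 4   /* chunk size the advisory describes */
#define ABBREV_HASH_SIZE 8   /* toy table size (assumption) */

struct attr_abbrev { unsigned name, form; };
struct abbrev_info {
    unsigned number, num_attrs;
    struct attr_abbrev *attrs;   /* regular heap, grown by realloc */
    struct abbrev_info *next;
};

/* Instrumented heap: counts live blocks and can fail the Nth realloc,
 * simulating bfd_realloc() returning NULL. */
static int live_blocks, realloc_calls, realloc_fail_at;  /* fail_at 0 = never */

static void *xrealloc_instr(void *p, size_t n) {
    if (++realloc_calls == realloc_fail_at) return NULL;
    void *q = realloc(p, n);
    if (q && p == NULL) live_blocks++;    /* first chunk creates a new block */
    return q;
}
static void xfree_instr(void *p) { if (p) { live_blocks--; free(p); } }

/* Arena standing in for bfd_zalloc()/objalloc: zeroed memory that is
 * reclaimed by arena_reset(), never by free(). */
static unsigned char arena[4096];
static size_t arena_used;
static void *arena_zalloc(size_t n) {
    n = (n + 15) & ~(size_t)15;
    if (arena_used + n > sizeof arena) return NULL;
    void *p = arena + arena_used;
    arena_used += n;
    memset(p, 0, n);
    return p;
}
static void arena_reset(void) { arena_used = 0; }

/* Toy read_abbrevs(): one abbrev per entry of counts[], with counts[i]
 * attributes. Returns the table, or NULL after cleaning up on failure. */
static struct abbrev_info **
read_abbrevs_model(const unsigned *counts, size_t n_abbrevs, int fixed)
{
    struct abbrev_info **abbrevs = arena_zalloc(ABBREV_HASH_SIZE * sizeof *abbrevs);
    if (!abbrevs) return NULL;
    for (size_t i = 0; i < n_abbrevs; i++) {
        struct abbrev_info *cur_abbrev = arena_zalloc(sizeof *cur_abbrev);
        if (!cur_abbrev) goto fail;
        cur_abbrev->number = (unsigned)i + 1;
        /* Attribute loop: cur_abbrev is NOT yet reachable from abbrevs[]. */
        for (unsigned a = 0; a < counts[i]; a++) {
            if (cur_abbrev->num_attrs % ATTR_ALLOC_CHUNK == 0) {
                size_t amt = (cur_abbrev->num_attrs + ATTR_ALLOC_CHUNK)
                             * sizeof(struct attr_abbrev);
                struct attr_abbrev *tmp = xrealloc_instr(cur_abbrev->attrs, amt);
                if (tmp == NULL) {
                    /* Fixed path: the old attrs block is still valid and
                     * still ours; release it before leaving. */
                    if (fixed) xfree_instr(cur_abbrev->attrs);
                    goto fail;
                }
                cur_abbrev->attrs = tmp;
            }
            cur_abbrev->attrs[cur_abbrev->num_attrs].name = a;
            cur_abbrev->attrs[cur_abbrev->num_attrs].form = 0;
            cur_abbrev->num_attrs++;
        }
        unsigned h = cur_abbrev->number % ABBREV_HASH_SIZE;  /* link only now */
        cur_abbrev->next = abbrevs[h];
        abbrevs[h] = cur_abbrev;
    }
    return abbrevs;
fail:
    /* Only linked nodes are visited here, which is the leak the advisory
     * describes. The arena memory is not free()d: passing it to free()
     * is the secondary issue. */
    for (unsigned h = 0; h < ABBREV_HASH_SIZE; h++)
        for (struct abbrev_info *ab = abbrevs[h]; ab; ab = ab->next)
            xfree_instr(ab->attrs);
    return NULL;
}

/* Constructed input: abbrev 1 with 2 attrs (1 realloc), abbrev 2 with
 * ATTR_ALLOC_CHUNK + 2 attrs (2 reallocs). The third realloc overall is the
 * second-chunk growth of the not-yet-linked abbrev 2; force it to fail and
 * report how many heap blocks are still live afterwards. */
static int leaked_blocks_after_failure(int fixed)
{
    static const unsigned counts[] = { 2, ATTR_ALLOC_CHUNK + 2 };
    arena_reset();
    live_blocks = realloc_calls = 0;
    realloc_fail_at = 3;
    struct abbrev_info **t = read_abbrevs_model(counts, 2, fixed);
    realloc_fail_at = 0;
    return t == NULL ? live_blocks : -1;   /* -1: failure was not injected */
}

int main(void)
{
    printf("vulnerable fail path: %d leaked block(s)\n", leaked_blocks_after_failure(0));
    printf("fixed fail path:      %d leaked block(s)\n", leaked_blocks_after_failure(1));
    return 0;
}
```

Running it prints one leaked block for the vulnerable path and zero for the fixed one; the same instrumentation approach (counting live blocks around an injected allocation failure) is how a unit test or a sanitizer-driven fuzz harness would catch this class of bug before it ships.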