1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-11 05:58:01 -05:00

schannel: fix memory leak when using get_cert_location

The get_cert_location function allocates memory only on success.
Previously get_cert_location was able to allocate memory and return
error. It wasn't obvious and in this case the memory wasn't
released.

Fixes #5855
Closes #5860
This commit is contained in:
fullincome 2020-08-26 13:15:15 +03:00 committed by Daniel Stenberg
parent 99119fc8a3
commit 01e2679b49
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -346,6 +346,8 @@ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers)
} }
#ifdef HAS_CLIENT_CERT_PATH #ifdef HAS_CLIENT_CERT_PATH
/* Function allocates memory for store_path only if CURLE_OK is returned */
static CURLcode static CURLcode
get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path, get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
TCHAR **thumbprint) TCHAR **thumbprint)
@ -388,16 +390,16 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
if(sep == NULL) if(sep == NULL)
return CURLE_SSL_CERTPROBLEM; return CURLE_SSL_CERTPROBLEM;
*thumbprint = sep + 1;
if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN)
return CURLE_SSL_CERTPROBLEM;
*sep = TEXT('\0'); *sep = TEXT('\0');
*store_path = _tcsdup(store_path_start); *store_path = _tcsdup(store_path_start);
*sep = TEXT('\\'); *sep = TEXT('\\');
if(*store_path == NULL) if(*store_path == NULL)
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
*thumbprint = sep + 1;
if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN)
return CURLE_SSL_CERTPROBLEM;
return CURLE_OK; return CURLE_OK;
} }
#endif #endif