- Christian Krause reported and fixed a memory leak that would occur with HTTP

GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)

CHANGES

@@ -7,6 +7,9 @@
                                   Changelog
 
 Daniel Stenberg (19 Nov 2008)
+- Christian Krause reported and fixed a memory leak that would occur with HTTP
+  GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
+
 - Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
   when uploading files to a single FTP server using multiple easy handle
   handles with the multi interface. Occasionally a handle would stall in

RELEASE-NOTES

@@ -19,6 +19,7 @@ This release includes the following bugfixes:
    used
  o re-use of connections with the multi interface when multiple handles used
    the same server
+ o memory leak with HTTP GSS/kerberos authentication
 
 This release includes the following known bugs:
 

lib/http.c

@@ -458,6 +458,10 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
   }
 
   if(pickhost || pickproxy) {
+    /* In case this is GSS auth, the newurl field is already allocated so
+       we must make sure to free it before allocating a new one. As figured
+       out in bug #2284386 */
+    Curl_safefree(data->req.newurl);
     data->req.newurl = strdup(data->change.url); /* clone URL */
     if(!data->req.newurl)
       return CURLE_OUT_OF_MEMORY;