moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

vauth: Fix memleak by freeing credentials if out of memory 

This is a follow up to the parent commit dcdd4be which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.
This commit is contained in:
Jay Satiro 2016-07-20 22:00:45 -04:00
parent dcdd4be352
commit c5cffce56e
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/vauth/digest_sspi.c
View File

@ -420,7 +420,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
by the security package */
output_token = malloc(token_max);
if(!output_token) {
s_pSecFn->FreeCredentialsHandle(&credentials);
Curl_sspi_free_identity(p_identity);
return CURLE_OUT_OF_MEMORY;
}
@ -448,6 +451,8 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
spn = Curl_convert_UTF8_to_tchar((char *) uripath);
if(!spn) {
s_pSecFn->FreeCredentialsHandle(&credentials);
Curl_sspi_free_identity(p_identity);
free(output_token);