mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
vauth: Fixed memory leak due to function returning without free
This patch allocates memory to "output_token" only when it is required so that memory is not leaked if function returns.
This commit is contained in:
parent
c6d3fa11e6
commit
dcdd4be352
@ -387,12 +387,6 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||||||
/* Release the package buffer as it is not required anymore */
|
/* Release the package buffer as it is not required anymore */
|
||||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||||
|
|
||||||
/* Allocate the output buffer according to the max token size as indicated
|
|
||||||
by the security package */
|
|
||||||
output_token = malloc(token_max);
|
|
||||||
if(!output_token)
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
|
||||||
|
|
||||||
if(userp && *userp) {
|
if(userp && *userp) {
|
||||||
/* Populate our identity structure */
|
/* Populate our identity structure */
|
||||||
if(Curl_create_sspi_identity(userp, passwdp, &identity))
|
if(Curl_create_sspi_identity(userp, passwdp, &identity))
|
||||||
@ -418,11 +412,18 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||||||
&credentials, &expiry);
|
&credentials, &expiry);
|
||||||
if(status != SEC_E_OK) {
|
if(status != SEC_E_OK) {
|
||||||
Curl_sspi_free_identity(p_identity);
|
Curl_sspi_free_identity(p_identity);
|
||||||
free(output_token);
|
|
||||||
|
|
||||||
return CURLE_LOGIN_DENIED;
|
return CURLE_LOGIN_DENIED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Allocate the output buffer according to the max token size as indicated
|
||||||
|
by the security package */
|
||||||
|
output_token = malloc(token_max);
|
||||||
|
if(!output_token) {
|
||||||
|
Curl_sspi_free_identity(p_identity);
|
||||||
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
}
|
||||||
|
|
||||||
/* Setup the challenge "input" security buffer if present */
|
/* Setup the challenge "input" security buffer if present */
|
||||||
chlg_desc.ulVersion = SECBUFFER_VERSION;
|
chlg_desc.ulVersion = SECBUFFER_VERSION;
|
||||||
chlg_desc.cBuffers = 3;
|
chlg_desc.cBuffers = 3;
|
||||||
|
Loading…
Reference in New Issue
Block a user