From ea6c5f03a50433be3c2acaabec1790c317448a2e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 2 Oct 2014 23:07:06 +0200 Subject: [PATCH] pop3_perform_authentication: fix memory leak Coverity CID 1215287. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk. --- lib/pop3.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pop3.c b/lib/pop3.c index dc64f8106..13528e3d5 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -560,8 +560,6 @@ static CURLcode pop3_perform_authentication(struct connectdata *conn) if(mech && (pop3c->preftype & POP3_TYPE_SASL)) { /* Perform SASL based authentication */ result = pop3_perform_auth(conn, mech, initresp, len, state1, state2); - - Curl_safefree(initresp); } #ifndef CURL_DISABLE_CRYPTO_AUTH else if((pop3c->authtypes & POP3_TYPE_APOP) && @@ -580,6 +578,8 @@ static CURLcode pop3_perform_authentication(struct connectdata *conn) } } + Curl_safefree(initresp); + return result; }