diff options
| author | fullincome <fullincome@fullincome.ru> | 2020-08-26 13:15:15 +0300 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2020-08-26 22:54:11 +0200 |
| commit | 01e2679b4972e4cd15290d0e1b05cd0988cb5b5e (patch) | |
| tree | 116e6fa65e6ca07e0c7343fd88922b013d2bd11a | |
| parent | 99119fc8a329c131c8c19ab4d9f3e8848e6a22c1 (diff) | |
| download | curl-01e2679b4972e4cd15290d0e1b05cd0988cb5b5e.tar.gz | |
schannel: fix memory leak when using get_cert_location
The get_cert_location function allocates memory only on success.
Previously get_cert_location was able to allocate memory and return
error. It wasn't obvious and in this case the memory wasn't
released.
Fixes #5855
Closes #5860
| -rw-r--r-- | lib/vtls/schannel.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 1c1432d75..4707ecfec 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -346,6 +346,8 @@ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers) } #ifdef HAS_CLIENT_CERT_PATH + +/* Function allocates memory for store_path only if CURLE_OK is returned */ static CURLcode get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path, TCHAR **thumbprint) @@ -388,16 +390,16 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path, if(sep == NULL) return CURLE_SSL_CERTPROBLEM; + *thumbprint = sep + 1; + if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN) + return CURLE_SSL_CERTPROBLEM; + *sep = TEXT('\0'); *store_path = _tcsdup(store_path_start); *sep = TEXT('\\'); if(*store_path == NULL) return CURLE_OUT_OF_MEMORY; - *thumbprint = sep + 1; - if(_tcslen(*thumbprint) != CERT_THUMBPRINT_STR_LEN) - return CURLE_SSL_CERTPROBLEM; - return CURLE_OK; } #endif |