From ccb98bb7095571e81f0fba0f74a1c7be74af3301 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 24 Sep 2018 14:05:24 +0200
Subject: Curl_retry_request: fix memory leak

Detected by OSS-Fuzz

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10648
---
 lib/transfer.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/transfer.c b/lib/transfer.c
index 6a80bf31a..efd929279 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1705,8 +1705,13 @@ CURLcode Curl_retry_request(struct connectdata *conn,
 
     if(conn->handler->protocol&PROTO_FAMILY_HTTP) {
       struct HTTP *http = data->req.protop;
-      if(http->writebytecount)
-        return Curl_readrewind(conn);
+      if(http->writebytecount) {
+        CURLcode result = Curl_readrewind(conn);
+        if(result) {
+          Curl_safefree(*url);
+          return result;
+        }
+      }
     }
   }
   return CURLE_OK;
-- 
cgit v1.2.1