krb5_gssapi: fix memory leak on error path

author Daniel Stenberg <daniel@haxx.se>

Thu, 9 Oct 2025 14:51:55 +0000 (16:51 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 9 Oct 2025 20:02:16 +0000 (22:02 +0200)
author Daniel Stenberg <daniel@haxx.se>
Thu, 9 Oct 2025 14:51:55 +0000 (16:51 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 9 Oct 2025 20:02:16 +0000 (22:02 +0200)
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c

index 70144e5514ad0a7961e02efb3597cce01fa02d31..a414d0a35961b635c5fd10ed7be0dd265c387461 100644 (file)
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -225,6 +225,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
    /* Not 4 octets long so fail as per RFC4752 Section 3.1 */
    if(output_token.length != 4) {
      infof(data, "GSSAPI handshake failure (invalid security data)");
+    gss_release_buffer(&unused_status, &output_token);
      return CURLE_BAD_CONTENT_ENCODING;
    }
author	Daniel Stenberg <daniel@haxx.se>
	Thu, 9 Oct 2025 14:51:55 +0000 (16:51 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 9 Oct 2025 20:02:16 +0000 (22:02 +0200)