From: x2018 <xkernel.wang@foxmail.com>
Date: Sun, 16 Nov 2025 18:25:57 +0000 (+0800)
Subject: schannel_verify: fix a memory leak of cert_context
X-Git-Tag: rc-8_18_0-1~263
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a6c940a7523a05822e40a164e949341009a3ff44;p=thirdparty%2Fcurl.git

schannel_verify: fix a memory leak of cert_context

Closes #19556
---

diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 6b8aec5613..72c42ed353 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -166,6 +166,7 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
 
         cert_blob.pbData = (BYTE *)CURL_UNCONST(begin_cert_ptr);
         cert_blob.cbData = cert_size;
+        /* Caution: CryptQueryObject() is deprecated */
         if(!CryptQueryObject(CERT_QUERY_OBJECT_BLOB,
                              &cert_blob,
                              CERT_QUERY_CONTENT_FLAG_CERT,
@@ -204,7 +205,6 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
                                                cert_context,
                                                CERT_STORE_ADD_ALWAYS,
                                                NULL);
-            CertFreeCertificateContext(cert_context);
             if(!add_cert_result) {
               char buffer[WINAPI_ERROR_LEN];
               failf(data,
@@ -220,6 +220,21 @@ static CURLcode add_certs_data_to_store(HCERTSTORE trust_store,
               num_certs++;
             }
           }
+
+          switch(actual_content_type) {
+          case CERT_QUERY_CONTENT_CERT:
+          case CERT_QUERY_CONTENT_SERIALIZED_CERT:
+            CertFreeCertificateContext(cert_context);
+            break;
+          case CERT_QUERY_CONTENT_CRL:
+          case CERT_QUERY_CONTENT_SERIALIZED_CRL:
+            CertFreeCRLContext((PCCRL_CONTEXT)cert_context);
+            break;
+          case CERT_QUERY_CONTENT_CTL:
+          case CERT_QUERY_CONTENT_SERIALIZED_CTL:
+            CertFreeCTLContext((PCCTL_CONTEXT)cert_context);
+            break;
+          }
         }
       }
     }