schannel: fix memory leak
authorJoshua Rogers <MegaManSec@users.noreply.github.com>
Sat, 18 Oct 2025 16:25:45 +0000 (00:25 +0800)
committerJay Satiro <raysatiro@yahoo.com>
Sun, 19 Oct 2025 06:23:36 +0000 (02:23 -0400)
- Do not leak memory when setting the algorithm cipher list fails.

Discovered by ZeroPath.

- Do not free backend->cred after failed AcquireCredentialsHandle.

backend->cred is always freed later, during cleanup.

Closes https://github.com/curl/curl/pull/19118

lib/vtls/schannel.c

index ae5834d84342b333e4737f5e08edf5f39c1aa29c..9b2b1e702e81ffba2d7d21396ad4ed613f7d3425 100644 (file)
@@ -818,6 +818,8 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
       result = set_ssl_ciphers(&schannel_cred, ciphers, algIds);
       if(result) {
         failf(data, "schannel: Failed setting algorithm cipher list");
+        if(client_certs[0])
+          CertFreeCertificateContext(client_certs[0]);
         return result;
       }
     }
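Review bot: The release `if(client_certs[0]) CertFreeCertificateContext(client_certs[0]);` is copied by hand onto this one error return, so every other early return between loading the client certificate and the AcquireCredentialsHandle call needs the same two lines. Those paths lie outside the hunk, as do the start and end of schannel_acquire_credential_handle, so they are worth checking for the same leak. A single exit would be harder to get wrong: set `result` and `goto` a shared cleanup label that releases client_certs[0] before returning. If the duplicated release stays, a one-line comment such as `/* client cert context loaded above is not released anywhere else on this path */` would tell the next editor why it is there.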
@@ -845,7 +847,6 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
     char buffer[STRERROR_LEN];
     failf(data, "schannel: AcquireCredentialsHandle failed: %s",
           Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer)));
-    Curl_safefree(backend->cred);
     switch(sspi_status) {
     case SEC_E_INSUFFICIENT_MEMORY:
       return CURLE_OUT_OF_MEMORY;