url: fix cookielist memleak when curl_easy_reset

- Free set.cookelist in Curl_freeset instead of Curl_close.

Prior to this change the cookielist linked list wasn't freed by
curl_easy_reset which calls Curl_freeset to free all set.

Bug: https://github.com/curl/curl/issues/10694#issuecomment-1458619157
Reported-by: Sergey Ryabinin
Closes https://github.com/curl/curl/pull/10709

diff --git a/lib/url.c b/lib/url.c
index 35e870a3673e846c627f3b19896b5f44ac06aa30..c5d54d19e3dd2ccab86fb67c59636bf6360c6760 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -341,6 +341,11 @@ void Curl_freeset(struct Curl_easy *data)
   data->state.url = NULL;
 
   Curl_mime_cleanpart(&data->set.mimepost);
+
+#ifndef CURL_DISABLE_COOKIES
+  curl_slist_free_all(data->set.cookielist);
+  data->set.cookielist = NULL;
+#endif
 }
 
 /* free the URL pieces */
@@ -431,9 +436,6 @@ CURLcode Curl_close(struct Curl_easy **datap)
   Curl_dyn_free(&data->state.headerb);
   Curl_safefree(data->state.ulbuf);
   Curl_flush_cookies(data, TRUE);
-#ifndef CURL_DISABLE_COOKIES
-  curl_slist_free_all(data->set.cookielist); /* clean up list */
-#endif
   Curl_altsvc_save(data, data->asi, data->set.str[STRING_ALTSVC]);
   Curl_altsvc_cleanup(&data->asi);
   Curl_hsts_save(data, data->hsts, data->set.str[STRING_HSTS]);