vauth: Fix memleak by freeing credentials if out of memory

This is a follow up to the parent commit dcdd4be which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.

diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index fc37db0c5c15fdaf2ca559a904e478c242421a36..6a7315eb5022391aadefb009a0486503d8d3b359 100644 (file)
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -420,7 +420,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
      by the security package */
   output_token = malloc(token_max);
   if(!output_token) {
+    s_pSecFn->FreeCredentialsHandle(&credentials);
+
     Curl_sspi_free_identity(p_identity);
+
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -448,6 +451,8 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
 
   spn = Curl_convert_UTF8_to_tchar((char *) uripath);
   if(!spn) {
+    s_pSecFn->FreeCredentialsHandle(&credentials);
+
     Curl_sspi_free_identity(p_identity);
     free(output_token);