url: fix memory leak if OOM in the HSTS handling

Reported-by: Viktor Szakats
Bug: https://github.com/curl/curl/pull/6627#issuecomment-781626205

Closes #6628

diff --git a/lib/url.c b/lib/url.c
index e956121054148a0e6d7cff5ea3d6106792ea0479..480c94c2038c7673fd6977ee56ff6cde33baeab0 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -1959,8 +1959,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
       if(uc)
         return Curl_uc_to_curlcode(uc);
       uc = curl_url_get(uh, CURLUPART_SCHEME, &data->state.up.scheme, 0);
-      if(uc)
+      if(uc) {
+        free(url);
         return Curl_uc_to_curlcode(uc);
+      }
       data->change.url = url;
       data->change.url_alloc = TRUE;
       infof(data, "Switched from HTTP to HTTPS due to HSTS => %s\n",