From: Christian Schmitz <support@monkeybreadsoftware.de>
Date: Wed, 11 Dec 2024 10:48:20 +0000 (+0100)
Subject: sectransp: free certificate on error
X-Git-Tag: curl-8_12_0~367
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=df1d08ec0daf06b0bf2fdebe2411631e08967a98;p=thirdparty%2Fcurl.git

sectransp: free certificate on error

Otherwise the certificate memory was leaked.

Closes #15721
---

diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index c6a1c73dcf..1e1413f5f2 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -1504,9 +1504,11 @@ static CURLcode append_cert_to_array(struct Curl_easy *data,
       case CURLE_OK:
         break;
       case CURLE_PEER_FAILED_VERIFICATION:
+        CFRelease(cacert);
         return CURLE_SSL_CACERT_BADFILE;
       case CURLE_OUT_OF_MEMORY:
       default:
+        CFRelease(cacert);
         return result;
     }
     free(certp);
@@ -2424,7 +2426,7 @@ static CURLcode sectransp_shutdown(struct Curl_cfilter *cf,
   struct st_ssl_backend_data *backend =
     (struct st_ssl_backend_data *)connssl->backend;
   CURLcode result = CURLE_OK;
-  ssize_t nread;
+  ssize_t nread = 0;
   char buf[1024];
   size_t i;