winhttp: Avoid leaking authinfo on error (Coverity).

0fe44e1b · Marcus Meissner · Alexandre Julliard · ccefbee7 · 0fe44e1b
Commit 0fe44e1b authored Apr 17, 2014 by Marcus Meissner Committed by Alexandre Julliard Apr 17, 2014
Show whitespace changes
Inline Side-by-side

Showing with 7 additions and 1 deletion

request.c dlls/winhttp/request.c +7 -1

No files found.
--- a/dlls/winhttp/request.c
+++ b/dlls/winhttp/request.c
@@ -1628,7 +1628,11 @@ static BOOL do_authorization( request_t *request, DWORD target, DWORD scheme_fla
        {
            int len = strlenW( ++p );
            in.cbBuffer = decode_base64( p, len, NULL );
-            if (!(in.pvBuffer = heap_alloc( in.cbBuffer ))) return FALSE;
+            if (!(in.pvBuffer = heap_alloc( in.cbBuffer ))) {
+                destroy_authinfo( authinfo );
+                *auth_ptr = NULL;
+                return FALSE;
+            }
            decode_base64( p, len, in.pvBuffer );
        }
        out.BufferType = SECBUFFER_TOKEN;
@@ -1636,6 +1640,8 @@ static BOOL do_authorization( request_t *request, DWORD target, DWORD scheme_fla
        if (!(out.pvBuffer = heap_alloc( authinfo->max_token )))
        {
            heap_free( in.pvBuffer );
+            destroy_authinfo( authinfo );
+            *auth_ptr = NULL;
            return FALSE;
        }
        out_desc.ulVersion = 0;