From bf430ecdef3d7c49cf01a57e3289ff7aaa1e0278 Mon Sep 17 00:00:00 2001
From: Miroslav Franc <mfranc@gmx.com>
Date: Wed, 13 Jul 2016 18:43:18 +0200
Subject: library: Fix memory leaks found during static analysis

Closes https://github.com/curl/curl/pull/913
---
 lib/file.c       | 8 ++++++--
 lib/pipeline.c   | 9 +++++++--
 lib/socks_sspi.c | 4 ++--
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/lib/file.c b/lib/file.c
index be7660cfb..b534ec18d 100644
--- a/lib/file.c
+++ b/lib/file.c
@@ -227,15 +227,19 @@ static CURLcode file_connect(struct connectdata *conn, bool *done)
   for(i=0; i < real_path_len; ++i)
     if(actual_path[i] == '/')
       actual_path[i] = '\\';
-    else if(!actual_path[i]) /* binary zero */
+    else if(!actual_path[i]) { /* binary zero */
+      Curl_safefree(real_path);
       return CURLE_URL_MALFORMAT;
+    }
 
   fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
   file->path = actual_path;
 #else
-  if(memchr(real_path, 0, real_path_len))
+  if(memchr(real_path, 0, real_path_len)) {
     /* binary zeroes indicate foul play */
+    Curl_safefree(real_path);
     return CURLE_URL_MALFORMAT;
+  }
 
   fd = open_readonly(real_path, O_RDONLY);
   file->path = real_path;
diff --git a/lib/pipeline.c b/lib/pipeline.c
index 211194b25..0ff82f086 100644
--- a/lib/pipeline.c
+++ b/lib/pipeline.c
@@ -299,11 +299,16 @@ CURLMcode Curl_pipeline_set_server_blacklist(char **servers,
       char *server_name;
 
       server_name = strdup(*servers);
-      if(!server_name)
+      if(!server_name) {
+        Curl_llist_destroy(new_list, NULL);
         return CURLM_OUT_OF_MEMORY;
+      }
 
-      if(!Curl_llist_insert_next(new_list, new_list->tail, server_name))
+      if(!Curl_llist_insert_next(new_list, new_list->tail, server_name)) {
+        Curl_llist_destroy(new_list, NULL);
+        Curl_safefree(server_name);
         return CURLM_OUT_OF_MEMORY;
+      }
 
       servers++;
     }
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 7fbf3dfee..605349038 100644
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -34,6 +34,7 @@
 #include "curl_sspi.h"
 #include "curl_multibyte.h"
 #include "warnless.h"
+#include "strdup.h"
 /* The last 3 #include files should be in this order */
 #include "curl_printf.h"
 #include "curl_memory.h"
@@ -96,10 +97,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
 
   /* prepare service name */
   if(strchr(service, '/')) {
-    service_name = malloc(strlen(service));
+    service_name = strdup(service);
     if(!service_name)
       return CURLE_OUT_OF_MEMORY;
-    memcpy(service_name, service, strlen(service));
   }
   else {
     service_name = malloc(strlen(service) + strlen(conn->proxy.name) + 2);
-- 
cgit v1.2.3