From 46f906a1b0e987ff8a044595550ba2a0e3d6368c Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Wed, 9 Nov 2016 15:37:34 +0200
Subject: SPNEGO: Fix memory leak when authentication fails

If SPNEGO fails, cleanup the negotiate handle right away.

Fixes #1115

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: ashman-p
---
 lib/http_negotiate.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'lib/http_negotiate.c')

diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index eb17ed4f2..5ea9f3401 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -37,6 +37,7 @@
 CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
                               const char *header)
 {
+  CURLcode result;
   struct Curl_easy *data = conn->data;
   size_t len;
 
@@ -89,8 +90,13 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
   }
 
   /* Initilise the security context and decode our challenge */
-  return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
-                                         header, neg_ctx);
+  result = Curl_auth_decode_spnego_message(data, userp, passwdp, service,
+                                           host, header, neg_ctx);
+
+  if(result)
+    Curl_auth_spnego_cleanup(neg_ctx);
+
+  return result;
 }
 
 CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
-- 
cgit v1.2.3