From 0b11660234c4f9bbea7308402ad739dc3f153b08 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Sat, 22 Jul 2017 02:00:46 +0300
Subject: gssapi: fix memory leak of output token in multi round context

When multiple rounds are needed to establish a security context
(usually ntlm), we overwrite old token with a new one without free.
Found by proposed gss tests using stub a gss implementation (by
valgrind error), though I have confirmed the leak with a real
gssapi implementation as well.

Closes https://github.com/curl/curl/pull/1733
---
 lib/vauth/spnego_gssapi.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib/vauth/spnego_gssapi.c')

diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index 8840db8fd..5196c2704 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -180,6 +180,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
     return CURLE_OUT_OF_MEMORY;
   }
 
+  /* Free previous token */
+  if(nego->output_token.length && nego->output_token.value)
+    gss_release_buffer(&unused_status, &nego->output_token);
+
   nego->output_token = output_token;
 
   return CURLE_OK;
-- 
cgit v1.2.3