From: Marcus Meissner <marcus@jet.franken.de>
Subject: [PATCH] winhttp: avoid leaking authinfo on error (Coverity)
Message-Id: <1397716994-7537-1-git-send-email-marcus@jet.franken.de>
Date: Thu, 17 Apr 2014 08:43:14 +0200

1020941 Resource leak
---
 dlls/winhttp/request.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/dlls/winhttp/request.c b/dlls/winhttp/request.c
index ed3430a..374051a 100644
--- a/dlls/winhttp/request.c
+++ b/dlls/winhttp/request.c
@@ -1628,7 +1628,11 @@ static BOOL do_authorization( request_t *request, DWORD target, DWORD scheme_fla
         {
             int len = strlenW( ++p );
             in.cbBuffer = decode_base64( p, len, NULL );
-            if (!(in.pvBuffer = heap_alloc( in.cbBuffer ))) return FALSE;
+            if (!(in.pvBuffer = heap_alloc( in.cbBuffer ))) {
+                destroy_authinfo( authinfo );
+                *auth_ptr = NULL;
+                return FALSE;
+            }
             decode_base64( p, len, in.pvBuffer );
         }
         out.BufferType = SECBUFFER_TOKEN;
@@ -1636,6 +1640,8 @@ static BOOL do_authorization( request_t *request, DWORD target, DWORD scheme_fla
         if (!(out.pvBuffer = heap_alloc( authinfo->max_token )))
         {
             heap_free( in.pvBuffer );
+            destroy_authinfo( authinfo );
+            *auth_ptr = NULL;
             return FALSE;
         }
         out_desc.ulVersion = 0;
-- 
1.8.4.5