From 7bfc2b8a54b84419abbf5794c18834542731408f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 25 Oct 2025 23:03:31 +0200 Subject: [PATCH] schannel: clean up better on Curl_conn_cf_send() error Fixes #19241 Reported-by: Joshua Rogers --- lib/vtls/schannel.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 0561d6fbdd..3ec33b591c 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1128,7 +1128,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) SecBuffer inbuf[2]; SecBufferDesc inbuf_desc; SECURITY_STATUS sspi_status = SEC_E_OK; - CURLcode result; + CURLcode result = CURLE_OK; bool doread; const char *pubkey_ptr; @@ -1301,15 +1301,18 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data) if(result || (outbuf[i].cbBuffer != written)) { failf(data, "schannel: failed to send next handshake data: " "sent %zu of %lu bytes", written, outbuf[i].cbBuffer); - return CURLE_SSL_CONNECT_ERROR; + result = CURLE_SSL_CONNECT_ERROR; + break; } } - - /* free obsolete buffer */ - if(outbuf[i].pvBuffer) { - Curl_pSecFn->FreeContextBuffer(outbuf[i].pvBuffer); - } } + for(i = 0; i < 3; i++) { + /* free obsolete buffer */ + if(outbuf[i].pvBuffer) + Curl_pSecFn->FreeContextBuffer(outbuf[i].pvBuffer); + } + if(result) + return result; } else { char buffer[STRERROR_LEN];