romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-15 01:01:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

tool_doswin: avoid memory-leak with CURL_FN_SANITIZE_*

Browse source 
This is debug-only code

Follow-up to 20900e4a1e

Found by Codex Security

Closes #20804
This commit is contained in:
Daniel Stenberg 2026-03-03 22:57:46 +01:00
parent 933c34e873
commit d7e4473806
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/tool_doswin.c
View file

@ -512,10 +512,14 @@ SANITIZEcode sanitize_file_name(char ** const sanitized, const char *file_name,
}
#ifdef DEBUGBUILD
if(getenv("CURL_FN_SANITIZE_BAD"))
if(getenv("CURL_FN_SANITIZE_BAD")) {
curlx_free(target);
return SANITIZE_ERR_INVALID_PATH;
if(getenv("CURL_FN_SANITIZE_OOM"))
}
if(getenv("CURL_FN_SANITIZE_OOM")) {
curlx_free(target);
return SANITIZE_ERR_OUT_OF_MEMORY;
}
#endif
*sanitized = target;