crash with -F file=@/directory

[tobypeterson]

Easy to repro:

% curl -F file=@/tmp example.com
curl(32762,0x7fffc20493c0) malloc: *** error for object 0x7fdfe7400017: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug

Crash introduced by commit c2a809cd265c37e7bbef55e64d70114d2f0d7189

The last goto added there is after newform has been added to list (formp), so curl then crashes since the list contains a freed entry.

Obvious fix is to move the list link adjustment to after the "if (size)" block, but then the error is rather vague:

curl: (43) A libcurl function was given a bad argument

curl 7.50.3, macOS Sierra

[bagder]

Thanks!

I agree that the error message is annoyingly cryptic, but it is hard to fix easily since we have no struct Curl_easy handle to for example do custom error messages with. I think that's still the easy fix to go with and improving the error message is a more longer term fix. I'd like to add easy handles to a new set of curl_formadd() functions and deprecate the old functions that don't take any such argument and then lots of good opportunities will open.

So, I'll merge this easy fix now.