Two memory leaks and one size check #913
My colleagues have run static analysis on curl code base.
Two memory leaks we found. One in function lib/file.c:fileconnect where memory pointed to by variable real_path is never returned when returning CURLE_URL_MALFORMAT from the function. The other is in function lib/pipeline.c:Curl_pipeline_set_server_blacklist where both new_list and server_name have potential of leaking memory in case CURLM_OUT_OF_MEMORY is returned from the function.
The second issue appears to be in function lib/sock_sspi.c:Curl_SOCKS5_gssapi_negotiate where service_name is allocated via malloc(strlen(service)) while I believe the resulting string should be null-terminated.