fix(esp_http_client): fix memory leak in current_header_value buffer

Fixed memory leak in esp_http_client_cleanup() where current_header_value
buffer was not being freed when ESP_ERR_HTTP_FETCH_HEADER is returned
during header parsing failures.

components/esp_http_client/esp_http_client.c

@@ -928,6 +928,7 @@ esp_err_t esp_http_client_cleanup(esp_http_client_handle_t client)
     _clear_auth_data(client);
     free(client->auth_data);
     free(client->current_header_key);
+    free(client->current_header_value);
     free(client->location);
     free(client->auth_header);
     free(client);

components/esp_http_client/lib/http_utils.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -11,6 +11,7 @@
 #include <assert.h>
 
 #include "http_utils.h"
+#include "esp_check.h"
 
 #ifndef mem_check
 #define mem_check(x) assert(x)
@@ -64,8 +65,16 @@ char *http_utils_append_string(char **str, const char *new_str, int len)
         }
         if (old_str) {
             old_len = strlen(old_str);
-            old_str = realloc(old_str, old_len + l + 1);
-            mem_check(old_str);
+            // old_str should not be reallocated directly, as in case of memory exhaustion,
+            // it will be lost and we will not be able to free it.
+            char *tmp = realloc(old_str, old_len + l + 1);
+            if (tmp == NULL) {
+                free(old_str);
+                old_str = NULL;
+                ESP_RETURN_ON_FALSE(old_str, NULL, "http_utils", "Memory exhausted");
+            }
+            old_str = tmp;
+            // Ensure the new string is null-terminated
             old_str[old_len + l] = 0;
         } else {
             old_str = calloc(1, l + 1);