From 801ea1fc4e977d3c57dead77abd92447c6e213ee Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Fri, 11 Jul 2025 13:12:58 +0800 Subject: [PATCH] fix(esp_http_client): fix memory leak in current_header_value buffer Fixed memory leak in esp_http_client_cleanup() where current_header_value buffer was not being freed when ESP_ERR_HTTP_FETCH_HEADER is returned during header parsing failures. --- components/esp_http_client/esp_http_client.c | 1 + components/esp_http_client/lib/http_utils.c | 12 ++++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/components/esp_http_client/esp_http_client.c b/components/esp_http_client/esp_http_client.c index 607a4375a6..d4a55e54f8 100644 --- a/components/esp_http_client/esp_http_client.c +++ b/components/esp_http_client/esp_http_client.c @@ -1075,6 +1075,7 @@ esp_err_t esp_http_client_cleanup(esp_http_client_handle_t client) _clear_auth_data(client); free(client->auth_data); free(client->current_header_key); + free(client->current_header_value); free(client->location); free(client->auth_header); free(client); diff --git a/components/esp_http_client/lib/http_utils.c b/components/esp_http_client/lib/http_utils.c index ec6a20fcf5..07e9c5585f 100644 --- a/components/esp_http_client/lib/http_utils.c +++ b/components/esp_http_client/lib/http_utils.c @@ -68,8 +68,16 @@ char *http_utils_append_string(char **str, const char *new_str, int len) } if (old_str) { old_len = strlen(old_str); - old_str = realloc(old_str, old_len + l + 1); - ESP_RETURN_ON_FALSE(old_str, NULL, TAG, "Memory exhausted"); + // old_str should not be reallocated directly, as in case of memory exhaustion, + // it will be lost and we will not be able to free it. + char *tmp = realloc(old_str, old_len + l + 1); + if (tmp == NULL) { + free(old_str); + old_str = NULL; + ESP_RETURN_ON_FALSE(tmp, NULL, TAG, "Memory exhausted"); + } + old_str = tmp; + // Ensure the new string is null-terminated old_str[old_len + l] = 0; } else { old_str = calloc(1, l + 1);