From a4a5e438ae533c9af5e97457ae424c9189545105 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 12 Jun 2023 14:10:37 +0200
Subject: [PATCH] vtls: avoid memory leak if sha256 call fails

... in the pinned public key handling function.

Reported-by: lizhuang0630 on github
Fixes #11306
Closes #11307

Conflict: NA
Reference: https://github.com/curl/curl/commit/a4a5e438ae533c9af5e97457ae424c9189545105
---
 lib/vtls/vtls.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index a4ff7d61a6193..cdd3a4fdc1c14 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -907,14 +907,12 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
     if(!sha256sumdigest)
       return CURLE_OUT_OF_MEMORY;
     encode = Curl_ssl->sha256sum(pubkey, pubkeylen,
-                        sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
+                                 sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
 
-    if(encode != CURLE_OK)
-      return encode;
-
-    encode = Curl_base64_encode((char *)sha256sumdigest,
-                                CURL_SHA256_DIGEST_LENGTH, &encoded,
-                                &encodedlen);
+    if(!encode)
+      encode = Curl_base64_encode((char *)sha256sumdigest,
+                                  CURL_SHA256_DIGEST_LENGTH, &encoded,
+                                  &encodedlen);
     Curl_safefree(sha256sumdigest);
 
     if(encode)