From a544df0b095d295e246f7aa5dcc613b80708d203 Mon Sep 17 00:00:00 2001
From: kangenbo <kangenbo@huawei.com>
Date: Fri, 8 Mar 2019 12:29:54 -0500
Subject: [PATCH] darwinssl: Fix realloc memleak

The reallocation was using the input pointer for the return value, which
leads to a memory leak on reallication failure. Fix by instead use the
safe internal API call Curl_saferealloc().

---
 lib/vtls/darwinssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 1aea0dc..e963f27 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -116,6 +116,7 @@
 #include "vtls.h"
 #include "darwinssl.h"
 #include "curl_printf.h"
+#include "strdup.h"
 
 #include "curl_memory.h"
 /* The last #include file should be: */
@@ -2039,7 +2040,7 @@ static int read_cert(const char *file, unsigned char **out, size_t *outlen)
 
     if(len + n >= cap) {
       cap *= 2;
-      data = realloc(data, cap);
+      data = Curl_saferealloc(data, cap);
       if(!data) {
         close(fd);
         return -1;
-- 
1.8.3.1