diff --git a/src/modules/http/src/httpAuth.c b/src/modules/http/src/httpAuth.c
index 4503accc0acdc74f1035b91bb2b85a344eb143fe..1ba11aba09789433b476c34864906fa13891dafc 100644
--- a/src/modules/http/src/httpAuth.c
+++ b/src/modules/http/src/httpAuth.c
@@ -75,6 +75,8 @@ bool httpParseTaosdAuthToken(HttpContext *pContext, char *token, int len) {
   unsigned char *base64 = base64_decode(token, len, &outlen);
   if (base64 == NULL || outlen == 0) {
     httpError("context:%p, fd:%d, ip:%s, taosd token:%s parsed error", pContext, pContext->fd, pContext->ipstr, token);
+    if (base64)
+      free(base64);
     return false;
   }
   if (outlen != (TSDB_USER_LEN + TSDB_PASSWORD_LEN)) {