SOCKS5_gssapi_negotiate: don't assume little-endian ints

The code copied one byte from a 32bit integer, which works fine as long
as the byte order is the same. Not a fine assumption. Reported by PVS
Studio.

Reported-by: Alexis La Goutte

diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c
index 356772e1f0c24816d89c6b9c8e0dde86fee7d3e5..5f650be675e5d1652041ad7bb4db03075adb509d 100644 (file)
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
  * Copyright (C) 2009, 2011, Markus Moeller, <markus_moeller@compuserve.com>
  *
  * This software is licensed as described in the file COPYING, which
@@ -70,7 +70,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
   /* Needs GSS-API authentication */
   SECURITY_STATUS status;
   unsigned long sspi_ret_flags = 0;
-  int gss_enc;
+  unsigned char gss_enc;
   SecBuffer sspi_send_token, sspi_recv_token, sspi_w_token[3];
   SecBufferDesc input_desc, output_desc, wrap_desc;
   SecPkgContext_Sizes sspi_sizes;