x509asn1: replace single char with an array

Although safe in this context, using a single char as an array may
cause invalid accesses to adjacent memory locations.

Detected by Coverity.

diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 6bd9e4ed78bd4d62e3e55646e405ca45c340f995..5410e0575497cf86248834906904097565771bc4 100644 (file)
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -417,13 +417,13 @@ static const char *OID2str(const char *beg, const char *end, bool symbolic)
   char *buf = (char *) NULL;
   const curl_OID * op;
   int n;
-  char dummy;
+  char dummy[1];
 
   /* Convert an ASN.1 OID into its dotted or symbolic string representation.
      Return the dynamically allocated string, or NULL if an error occurs. */
 
   if(beg < end) {
-    n = encodeOID(&dummy, 0, beg, end);
+    n = encodeOID(dummy, 0, beg, end);
     if(n >= 0) {
       buf = malloc(n + 1);
       if(buf) {