From fa86d32d599844902711634ab8c7ad79b64b5ace Mon Sep 17 00:00:00 2001 From: Patrick Monnerat Date: Mon, 18 Feb 2019 15:40:34 +0100 Subject: [PATCH] x509asn1: replace single char with an array Although safe in this context, using a single char as an array may cause invalid accesses to adjacent memory locations. Detected by Coverity. --- lib/x509asn1.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/x509asn1.c b/lib/x509asn1.c index 6bd9e4ed7..5410e0575 100644 --- a/lib/x509asn1.c +++ b/lib/x509asn1.c @@ -417,13 +417,13 @@ static const char *OID2str(const char *beg, const char *end, bool symbolic) char *buf = (char *) NULL; const curl_OID * op; int n; - char dummy; + char dummy[1]; /* Convert an ASN.1 OID into its dotted or symbolic string representation. Return the dynamically allocated string, or NULL if an error occurs. */ if(beg < end) { - n = encodeOID(&dummy, 0, beg, end); + n = encodeOID(dummy, 0, beg, end); if(n >= 0) { buf = malloc(n + 1); if(buf) { -- 2.40.0