diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-03-31 10:22:42 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-03-31 10:22:42 +0200 |
commit | 0ee0d30a9f0450144d60ea906987d69ddb808da4 (patch) | |
tree | f0314e16909a0b3a7f25e692866d920565edfcd2 /lib/socks_sspi.c | |
parent | 541027876d9fc82792803326a1dc112c1a65398c (diff) | |
download | curl-0ee0d30a9f0450144d60ea906987d69ddb808da4.tar.gz |
SOCKS5_gssapi_negotiate: don't assume little-endian ints
The code copied one byte from a 32bit integer, which works fine as long
as the byte order is the same. Not a fine assumption. Reported by PVS
Studio.
Reported-by: Alexis La Goutte
Diffstat (limited to 'lib/socks_sspi.c')
-rw-r--r-- | lib/socks_sspi.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 356772e1f..5f650be67 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2009, 2011, Markus Moeller, <markus_moeller@compuserve.com> * * This software is licensed as described in the file COPYING, which @@ -70,7 +70,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, /* Needs GSS-API authentication */ SECURITY_STATUS status; unsigned long sspi_ret_flags = 0; - int gss_enc; + unsigned char gss_enc; SecBuffer sspi_send_token, sspi_recv_token, sspi_w_token[3]; SecBufferDesc input_desc, output_desc, wrap_desc; SecPkgContext_Sizes sspi_sizes; |