From fa86d32d599844902711634ab8c7ad79b64b5ace Mon Sep 17 00:00:00 2001
From: Patrick Monnerat <patrick@monnerat.net>
Date: Mon, 18 Feb 2019 15:40:34 +0100
Subject: x509asn1: replace single char with an array

Although safe in this context, using a single char as an array may
cause invalid accesses to adjacent memory locations.

Detected by Coverity.
---
 lib/x509asn1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 6bd9e4ed7..5410e0575 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -417,13 +417,13 @@ static const char *OID2str(const char *beg, const char *end, bool symbolic)
   char *buf = (char *) NULL;
   const curl_OID * op;
   int n;
-  char dummy;
+  char dummy[1];
 
   /* Convert an ASN.1 OID into its dotted or symbolic string representation.
      Return the dynamically allocated string, or NULL if an error occurs. */
 
   if(beg < end) {
-    n = encodeOID(&dummy, 0, beg, end);
+    n = encodeOID(dummy, 0, beg, end);
     if(n >= 0) {
       buf = malloc(n + 1);
       if(buf) {
-- 
cgit v1.2.1