From 7fb7f2413194e7f7a21716f86c765ad47c66fadf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 24 Apr 2010 12:40:00 +0200 Subject: [PATCH] socks5: please static code analyzer Make sure we don't call memcpy() if the argument is NULL even though we also passed a zero length then, as the clang analyzer whined and we want to limit warnings (even false positives) when they're this easy to fix. The change of (char) to (unsigned char) will fix long user names and passwords on systems that have the char type signed by default. --- lib/socks.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/socks.c b/lib/socks.c index df301ecec..9787f864a 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -511,11 +511,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name, */ len = 0; socksreq[len++] = 1; /* username/pw subnegotiation version */ - socksreq[len++] = (char) userlen; - memcpy(socksreq + len, proxy_name, userlen); + socksreq[len++] = (unsigned char) userlen; + if(proxy_name && userlen) + memcpy(socksreq + len, proxy_name, userlen); len += (int)userlen; - socksreq[len++] = (char) pwlen; - memcpy(socksreq + len, proxy_password, pwlen); + socksreq[len++] = (unsigned char) pwlen; + if(proxy_password && pwlen) + memcpy(socksreq + len, proxy_password, pwlen); len += (int)pwlen; code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written);