Commit e8fecf26 authored by Michael Kaufmann's avatar Michael Kaufmann
Browse files

FindWin32CACert: Use a temporary buffer on the stack 

Don't malloc() the temporary buffer, and use the correct type:
SearchPath() works with TCHAR, but SearchPathA() works with char.
Set the buffer size to MAX_PATH, because the terminating null byte
is already included in MAX_PATH.

Reviewed-by: Daniel Stenberg
Reviewed-by: Marcel Raad

Closes #1548
parent 916ec30a

src/tool_doswin.c

+2 −8
Original line number Diff line number Diff line
@@ -646,24 +646,18 @@ CURLcode FindWin32CACert(struct OperationConfig *config, 
  if(curlinfo->features & CURL_VERSION_SSL) {



    DWORD res_len;

    DWORD buf_tchar_size = PATH_MAX + 1;

    DWORD buf_bytes_size = sizeof(TCHAR) * buf_tchar_size;

    char buf[PATH_MAX];

    char *ptr = NULL;



    char *buf = malloc(buf_bytes_size);

    if(!buf)

      return CURLE_OUT_OF_MEMORY;

    buf[0] = '\0';



    res_len = SearchPathA(NULL, bundle_file, NULL, buf_tchar_size, buf, &ptr);

    res_len = SearchPathA(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);

    if(res_len > 0) {

      Curl_safefree(config->cacert);

      config->cacert = strdup(buf);

      if(!config->cacert)

        result = CURLE_OUT_OF_MEMORY;

    }



    Curl_safefree(buf);

  }



  return result;