From: Michael Kaufmann <mail@michael-kaufmann.ch>
Date: Tue, 6 Jun 2017 20:15:17 +0000 (+0200)
Subject: FindWin32CACert: Use a temporary buffer on the stack
X-Git-Tag: curl-7_54_1~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e8fecf2614b479d2448c61159b4a7dadf4cf7df9;p=thirdparty%2Fcurl.git

FindWin32CACert: Use a temporary buffer on the stack

Don't malloc() the temporary buffer, and use the correct type:
SearchPath() works with TCHAR, but SearchPathA() works with char.
Set the buffer size to MAX_PATH, because the terminating null byte
is already included in MAX_PATH.

Reviewed-by: Daniel Stenberg
Reviewed-by: Marcel Raad

Closes #1548
---

diff --git a/src/tool_doswin.c b/src/tool_doswin.c
index 48af3bfb86..91299986af 100644
--- a/src/tool_doswin.c
+++ b/src/tool_doswin.c
@@ -646,24 +646,18 @@ CURLcode FindWin32CACert(struct OperationConfig *config,
   if(curlinfo->features & CURL_VERSION_SSL) {
 
     DWORD res_len;
-    DWORD buf_tchar_size = PATH_MAX + 1;
-    DWORD buf_bytes_size = sizeof(TCHAR) * buf_tchar_size;
+    char buf[PATH_MAX];
     char *ptr = NULL;
 
-    char *buf = malloc(buf_bytes_size);
-    if(!buf)
-      return CURLE_OUT_OF_MEMORY;
     buf[0] = '\0';
 
-    res_len = SearchPathA(NULL, bundle_file, NULL, buf_tchar_size, buf, &ptr);
+    res_len = SearchPathA(NULL, bundle_file, NULL, PATH_MAX, buf, &ptr);
     if(res_len > 0) {
       Curl_safefree(config->cacert);
       config->cacert = strdup(buf);
       if(!config->cacert)
         result = CURLE_OUT_OF_MEMORY;
     }
-
-    Curl_safefree(buf);
   }
 
   return result;