socks5: please static code analyzer

Make sure we don't call memcpy() if the argument is NULL even
though we also passed a zero length then, as the clang analyzer
whined and we want to limit warnings (even false positives) when
they're this easy to fix.

The change of (char) to (unsigned char) will fix long user names
and passwords on systems that have the char type signed by
default.

diff --git a/lib/socks.c b/lib/socks.c
index df301ecec85bcd9ff5129cd43760da312de0d1b1..9787f864aedfd518285e08c6cc1c56bb221986c2 100644 (file)
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -511,11 +511,13 @@ CURLcode Curl_SOCKS5(const char *proxy_name,
      */
     len = 0;
     socksreq[len++] = 1;    /* username/pw subnegotiation version */
-    socksreq[len++] = (char) userlen;
-    memcpy(socksreq + len, proxy_name, userlen);
+    socksreq[len++] = (unsigned char) userlen;
+    if(proxy_name && userlen)
+      memcpy(socksreq + len, proxy_name, userlen);
     len += (int)userlen;
-    socksreq[len++] = (char) pwlen;
-    memcpy(socksreq + len, proxy_password, pwlen);
+    socksreq[len++] = (unsigned char) pwlen;
+    if(proxy_password && pwlen)
+      memcpy(socksreq + len, proxy_password, pwlen);
     len += (int)pwlen;
 
     code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written);