(/home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c) |
| |
| 361 | | | set_rel_time(char *optarg) |
| 362 | | | { |
| 363 | | | char *frac, *end; |
| 364 | | | long val; |
| 365 | | | size_t frac_digits; |
| 366 | | | |
| 367 | | | if (!optarg) |
Event 1:
Skipping " if". optarg evaluates to true.
hide
|
|
| 368 | | | return; |
| 369 | | | |
| 370 | | | |
| 371 | | | while (*optarg == ' ' || *optarg == '\t') { |
| 372 | | | optarg++; |
| 373 | | | } |
| 374 | | | |
| 375 | | | |
| 376 | | | if (*optarg == '-') { |
Event 3:
Skipping " if". *optarg == 45 evaluates to false.
hide
|
|
| 377 | | | optarg++; |
| 378 | | | } |
| 379 | | | |
| 380 | | | |
| 381 | | | if (*optarg == '.') { |
Event 4:
Taking true branch. *optarg == 46 evaluates to true.
hide
|
|
| 382 | | | val = 0; |
| 383 | | | frac = optarg; |
| 384 | | | } else { |
| 385 | | | val = strtol(optarg, &frac, 10); |
| 386 | | | if (frac == NULL || frac == optarg || val == LONG_MIN || val == LONG_MAX) { |
| 387 | | | fprintf(stderr, "1: editcap: \"%s\" isn't a valid rel time value\n", |
| 388 | | | optarg); |
| 389 | | | exit(1); |
| 390 | | | } |
| 391 | | | if (val < 0) { |
| 392 | | | fprintf(stderr, "2: editcap: \"%s\" isn't a valid rel time value\n", |
| 393 | | | optarg); |
| 394 | | | exit(1); |
| 395 | | | } |
| 396 | | | } |
| 397 | | | relative_time_window.secs = val; |
| 398 | | | |
| 399 | | | |
| 400 | | | if (*frac != '\0') { |
Event 5:
Taking true branch. *frac != 0 evaluates to true.
hide
|
|
| 401 | | | val = strtol(&(frac[1]), &end, 10); |
| 402 | | | if (*frac != '.' || end == NULL || end == frac |
Event 6:
Skipping " if". - *frac != 46 evaluates to false.
- end == (void *)0 evaluates to false.
- end == frac evaluates to false.
- val < 0 evaluates to false.
- val > 1000000000 evaluates to false.
- val == -2147483647 - 1 evaluates to false.
- val == 2147483647 evaluates to false.
hide
|
|
| 403 | | | || val < 0 || val > ONE_BILLION || val == LONG_MIN || val == LONG_MAX) { |
| 404 | | | fprintf(stderr, "3: editcap: \"%s\" isn't a valid rel time value\n", |
| 405 | | | optarg); |
| 406 | | | exit(1); |
| 407 | | | } |
| 408 | | | } |
| 409 | | | else { |
| 410 | | | return; |
| 411 | | | } |
| 412 | | | |
| 413 | | | |
| 414 | | | |
| 415 | | | if (frac && end) { |
Null Test After Dereference
This code tests the nullness of frac, which has already been dereferenced. - If frac were null, there would have been a prior null pointer dereference at editcap.c:402, and potentially at other locations as well.
- Either this test is redundant, or the earlier dereference(s) should be guarded by a similar test.
The issue can occur if the highlighted code executes. See related event 7. Show: All events | Only primary events |
|
| 416 | | | frac_digits = end - frac - 1; |
| 417 | | | while(frac_digits < 9) { |
| 418 | | | val *= 10; |
| 419 | | | frac_digits++; |
| 420 | | | } |
| 421 | | | } |
| 422 | | | relative_time_window.nsecs = val; |
| 423 | | | } |
| |