(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/mech-external.c) |
| |
| 9 | | | mech_external_auth_continue(struct auth_request *request, |
| 10 | | | const unsigned char *data, size_t data_size) |
| 11 | | | { |
| 12 | | | const char *authzid, *error; |
| 13 | | | |
| 14 | | | authzid = t_strndup(data, data_size); |
| 15 | | | if (request->user == NULL) { |
Event 1:
Taking false branch. request->user == (void *)0 evaluates to false.
hide
|
|
| 16 | | | auth_request_log_info(request, "external", |
| 17 | | | "username not known"); |
| 18 | | | auth_request_fail(request); |
| 19 | | | } else if (*authzid != '\0' && |
Event 2:
Skipping " if". *authzid != 0 evaluates to true.
hide
|
|
| 20 | [+] | | !auth_request_set_login_username(request, authzid, &error)) { |
Event 3:
auth_request_set_login_username() does not initialize error. - This may be because of a failure case or other special case for auth_request_set_login_username().
hide
|
|
 |
| 21 | | | |
| 22 | | | auth_request_log_info(request, "plain", |
| 23 | | | "login user: %s", error); |
Uninitialized Variable
error was not initialized. The issue can occur if the highlighted code executes. See related events 3 and 10. Show: All events | Only primary events |
|
| |