(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-ldap.c) |
| |
| 3820 | | | static void dissect_NetLogon_PDU(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree) |
| 3821 | | | { |
| 3822 | | | int old_offset, offset=0; |
| 3823 | | | char str[256]; |
| 3824 | | | guint16 itype; |
| 3825 | | | guint16 len; |
| 3826 | | | guint32 version; |
| 3827 | | | const char *fn; |
| 3828 | | | int fn_len; |
| 3829 | | | guint16 bc; |
| 3830 | | | proto_item *item; |
| 3831 | | | |
| 3832 | | | ldm_tree = NULL; |
| 3833 | | | |
| 3834 | | | |
| 3835 | | | |
| 3836 | [+] | | len=tvb_length_remaining(tvb,offset); |
 |
| 3837 | | | |
| 3838 | | | |
| 3839 | | | if (len < 10) return; |
Event 12:
Skipping " if". len < 10 evaluates to false.
hide
|
|
| 3840 | | | |
| 3841 | | | |
| 3842 | [+] | | itype = tvb_get_letohs(tvb, offset); |
 |
| 3843 | | | |
| 3844 | | | |
| 3845 | | | |
| 3846 | | | |
| 3847 | | | |
| 3848 | | | version = tvb_get_letohl(tvb,len-8); |
| 3849 | | | |
| 3850 | | | switch(itype){ |
Event 13:
itype evaluates to 19.
hide
|
|
| 3851 | | | |
| 3852 | | | case LOGON_SAM_LOGON_RESPONSE: |
| 3853 | | | |
| 3854 | | | proto_tree_add_uint_format(tree, hf_mscldap_netlogon_type, tvb,offset, 2, itype,"Type: LOGON_SAM_LOGON_RESPONSE (19)" ); |
| 3855 | | | offset = 2; |
| 3856 | | | |
| 3857 | | | |
| 3858 | [+] | | fn = get_unicode_or_ascii_string(tvb,&offset,TRUE,&fn_len,FALSE,FALSE,&bc); |
Event 14:
!0 evaluates to true.
hide
Event 15:
&bc is passed to get_unicode_or_ascii_string() as the seventh argument.
hide
Event 16:
get_unicode_or_ascii_string() does not initialize bc. - This may be because of a failure case or other special case for get_unicode_or_ascii_string().
hide
|
|
 |
| |