(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-jxta.c) |
| |
| 749 | | | static int dissect_jxta_stream(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree) |
| 750 | | | { |
| 751 | | | guint offset = 0; |
| 752 | [+] | | guint available = tvb_reported_length_remaining(tvb, offset); |
 |
| 753 | | | gint processed = 0; |
| 754 | | | gint needed = 0; |
| 755 | | | conversation_t *tpt_conversation = NULL; |
| 756 | | | jxta_stream_conversation_data *tpt_conv_data = NULL; |
| 757 | | | proto_item *jxta_tree_item = NULL; |
| 758 | | | proto_tree *jxta_tree = NULL; |
| 759 | | | |
| 760 | | | |
| 761 | | | |
| 762 | | | if (available < sizeof(JXTA_WELCOME_MSG_SIG)) { |
Event 5:
Skipping " if". available < sizeof( JXTA_WELCOME_MSG_SIG ) evaluates to false.
hide
|
|
| 763 | | | needed = (gint) (sizeof(JXTA_WELCOME_MSG_SIG) - available); |
| 764 | | | goto Common_Exit; |
| 765 | | | } |
| 766 | | | |
| 767 | [+] | | if (0 == tvb_memeql(tvb, 0, JXTA_WELCOME_MSG_SIG, sizeof(JXTA_WELCOME_MSG_SIG))) { |
 |
| 768 | | | |
| 769 | | | address *welcome_addr; |
| 770 | | | gboolean initiator = FALSE; |
| 771 | | | |
| 772 | | | tpt_conversation = get_tpt_conversation(pinfo, TRUE); |
Event 9:
!0 evaluates to true.
hide
|
|
| 773 | [+] | | tpt_conv_data = (jxta_stream_conversation_data *) conversation_get_proto_data(tpt_conversation, proto_jxta); |
 |
| 774 | | | |
| 775 | | | if (0 == tpt_conv_data->initiator_welcome_frame) { |
Null Pointer Dereference
tpt_conv_data is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 13. Show: All events | Only primary events |
|
| |