(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-auth/auth-server-connection.c) |
| |
| 155 | | | static void auth_client_input(struct auth_server_connection *conn) |
| 156 | | | { |
| 157 | | | const char *line; |
| 158 | | | int ret; |
| 159 | | | |
| 160 | [+] | | switch (i_stream_read(conn->input)) { |
 |
| 161 | | | case 0: |
| 162 | | | return; |
| 163 | | | case -1: |
| 164 | | | |
| 165 | | | auth_server_connection_destroy(&conn, TRUE); |
| 166 | | | return; |
| 167 | | | case -2: |
| 168 | | | |
| 169 | | | i_error("BUG: Auth server sent us more than %d bytes of data", |
| 170 | | | AUTH_CLIENT_MAX_LINE_LENGTH); |
| 171 | | | auth_server_connection_destroy(&conn, FALSE); |
| 172 | | | return; |
| 173 | | | } |
| 174 | | | |
| 175 | | | if (conn->version_received) { |
Event 16:
Skipping " if". conn->version_received evaluates to false.
hide
|
|
| 176 | | | line = i_stream_next_line(conn->input); |
| 177 | | | if (line == NULL) |
| 178 | | | return; |
| 179 | | | |
| 180 | | | |
| 181 | | | if (strncmp(line, "VERSION\t", 8) != 0 || |
| 182 | | | atoi(t_strcut(line + 8, '\t')) != |
| 183 | | | AUTH_CLIENT_PROTOCOL_MAJOR_VERSION) { |
| 184 | | | i_error("Authentication server not compatible with " |
| 185 | | | "this client (mixed old and new binaries?)"); |
| 186 | | | auth_server_connection_destroy(&conn, FALSE); |
| 187 | | | return; |
| 188 | | | } |
| 189 | | | conn->version_received = TRUE; |
| 190 | | | } |
| 191 | | | |
| 192 | | | conn->refcount++; |
| 193 | | | while ((line = i_stream_next_line(conn->input)) != NULL) { |
Event 17:
Entering loop body. (line = i_stream_next_line(...)) != (void *)0 evaluates to true.
hide
|
|
| 194 | | | T_BEGIN {
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/data-stack.h |
| |
49 | #define T_BEGIN \ |
50 | STMT_START { unsigned int _data_stack_cur_id = t_push(); |
| |
|
| 195 | | | ret = auth_client_input_line(conn, line); |
| 196 | | | } T_END; |
| 197 | | | |
| 198 | | | if (!ret) { |
Event 18:
Taking true branch. ret evaluates to false.
hide
|
|
| 199 | [+] | | auth_server_connection_destroy(&conn, FALSE); |
Event 19:
&conn is passed to auth_server_connection_destroy() as the first argument.
hide
|
|
 |
| 200 | | | break; |
| 201 | | | } |
| 202 | | | } |
| 203 | [+] | | auth_server_connection_unref(conn); |
Event 23:
conn, which evaluates to NULL, is passed to auth_server_connection_unref(). See related event 21.
hide
|
|
 |
| |