(/home/sate/Testcases/c/cve/wireshark-1.2.0/wiretap/file_access.c) |
| |
| 742 | | | wtap_dumper* wtap_dump_open(const char *filename, int filetype, int encap, |
| 743 | | | int snaplen, gboolean compressed, int *err) |
| 744 | | | { |
| 745 | | | wtap_dumper *wdh; |
| 746 | | | FILE *fh; |
| 747 | | | |
| 748 | | | |
| 749 | | | |
| 750 | [+] | | if (!wtap_dump_open_check(filetype, encap, compressed, err)) |
 |
| 751 | | | return NULL; |
| 752 | | | |
| 753 | | | |
| 754 | [+] | | wdh = wtap_dump_alloc_wdh(filetype, encap, snaplen, compressed, err); |
 |
| 755 | | | if (wdh == NULL) |
Event 9:
Skipping " if". wdh == (void *)0 evaluates to false.
hide
|
|
| 756 | | | return NULL; |
| 757 | | | |
| 758 | | | |
| 759 | | | if (strcmp(filename, "-") == 0) { |
Event 10:
Taking false branch. strcmp(filename, "-") == 0 evaluates to false.
hide
|
|
| 760 | | | if(compressed) { |
| 761 | | | g_free(wdh); |
| 762 | | | return NULL; |
| 763 | | | } |
| 764 | | | #ifdef _WIN32 |
| 765 | | | setmode(fileno(stdout), O_BINARY); |
| 766 | | | #endif |
| 767 | | | wdh->fh = stdout; |
| 768 | | | } else { |
| 769 | | | |
| 770 | | | |
| 771 | | | errno = WTAP_ERR_CANT_OPEN; |
| 772 | [+] | | fh = wtap_dump_file_open(wdh, filename); |
Event 11:
filename is passed to wtap_dump_file_open() as the second argument.
hide
|
|
 |
| 773 | | | if (fh == NULL) { |
Event 16:
Skipping " if". fh == (void *)0 evaluates to false.
hide
|
|
| 774 | | | *err = errno; |
| 775 | | | g_free(wdh); |
| 776 | | | return NULL; |
| 777 | | | } |
| 778 | | | wdh->fh = fh; |
| 779 | | | } |
| 780 | | | |
| 781 | [+] | | if (!wtap_dump_open_finish(wdh, filetype, compressed, err)) { |
 |
| 782 | | | |
| 783 | | | |
| 784 | | | if (wdh->fh != stdout) { |
Event 22:
Taking true branch. wdh->fh != stdout evaluates to true.
hide
|
|
| 785 | | | wtap_dump_file_close(wdh); |
| 786 | | | ws_unlink(filename); |
Event 23:
filename is passed to unlink().
hide
File System Race Condition
The file named filename is accessed again. Another process may have changed the file since the access at file_access.c:982. For example, an attacker could replace the original file with a link to a file containing important or confidential data. The issue can occur if the highlighted code executes. See related events 15 and 23. Show: All events | Only primary events |
|
| |