(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/master/auth-process.c) |
| |
| 520 | | | static int create_auth_process(struct auth_process_group *group) |
| 521 | | | { |
| 522 | | | struct auth_socket_settings *as; |
| 523 | | | const char *prefix, *executable; |
| 524 | | | struct log_io *log; |
| 525 | | | pid_t pid; |
| 526 | | | int fd[2], log_fd, i; |
| 527 | | | |
| 528 | | | |
| 529 | | | as = group->set->sockets; |
| 530 | | | if (as != NULL && strcmp(as->type, "connect") == 0) |
Event 1:
Skipping " if". as != (void *)0 evaluates to false.
hide
|
|
| 531 | | | return connect_auth_socket(group, as->master.path); |
| 532 | | | |
| 533 | | | |
| 534 | | | if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) < 0) {
x /usr/include/bits/socket.h |
| |
76 | #define PF_UNIX PF_LOCAL /* POSIX name for PF_LOCAL. */ |
| |
x /usr/include/bits/socket.h |
| |
75 | #define PF_LOCAL 1 /* Local to host (pipes and file-domain). */ |
| |
x /usr/include/bits/socket.h |
| |
75 | #define PF_LOCAL 1 /* Local to host (pipes and file-domain). */ |
| |
x /usr/include/bits/socket.h |
| |
44 | #define SOCK_STREAM SOCK_STREAM |
| |
|
Event 2:
Skipping " if". socketpair(...) < 0 evaluates to false.
hide
|
|
| 535 | | | i_error("socketpair() failed: %m"); |
| 536 | | | return -1; |
| 537 | | | } |
| 538 | | | |
| 539 | [+] | | log_fd = log_create_pipe(&log, 0); |
 |
| 540 | | | if (log_fd < 0) |
Event 6:
Taking true branch. log_fd < 0 evaluates to true.
hide
|
|
| 541 | | | pid = -1; |
| 542 | | | else { |
| 543 | | | pid = fork(); |
| 544 | | | if (pid < 0) |
| 545 | | | i_error("fork() failed: %m"); |
| 546 | | | } |
| 547 | | | |
| 548 | | | if (pid < 0) { |
Event 7:
Taking true branch. pid < 0 evaluates to true.
hide
|
|
| 549 | | | (void)close(fd[0]); |
| 550 | | | (void)close(fd[1]); |
| 551 | | | (void)close(log_fd); |
Event 8:
log_fd, which evaluates to -1, is passed to close(). See related event 5.
hide
Negative file descriptor
File descriptor argument log_fd has value -1. - close() will fail when called with a negative file descriptor.
The issue can occur if the highlighted code executes. See related event 8. Show: All events | Only primary events |
|
| |