(/home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c) |
| |
| 271 | | | (FILE *fp, |
| 272 | | | char *appname, |
| 273 | | | long *bytes_written, |
| 274 | | | int *err) |
| 275 | | | { |
| 276 | | | struct shb shb; |
| 277 | | | struct option option; |
| 278 | | | guint32 block_total_length; |
| 279 | | | const guint32 padding = 0; |
| 280 | | | |
| 281 | | | block_total_length = sizeof(struct shb) + |
| 282 | | | sizeof(guint32); |
| 283 | | | if ((strlen(appname) > 0) && (strlen(appname) < G_MAXUINT16)) {
x /usr/include/glib-2.0/glib/gtypes.h |
| |
68 | #define G_MAXUINT16 ((guint16) 0xffff) |
| |
|
Redundant Condition
strlen(...) < (guint16)65535 always evaluates to false. This may be because: - There is a constant assignment to one or more of the variables involved.
- An earlier conditional statement has already ensured that strlen(...) < (guint16)65535 cannot be true.
- A crashing bug occurs on every path where strlen(...) < (guint16)65535 could have evaluated to true. Look for a preceding Null Pointer Dereference or Division By Zero warning.
|
|
| 284 | | | block_total_length += 2 * sizeof(struct option) + |
| 285 | | | (guint16)(ADD_PADDING(strlen(appname) + 1)); |
| 286 | | | } |
| 287 | | | |
| 288 | | | shb.block_type = ; |
| 289 | | | shb.block_total_length = block_total_length; |
| 290 | | | shb.byte_order_magic = PCAPNG_MAGIC; |
| 291 | | | shb.major_version = PCAPNG_MAJOR_VERSION; |
| 292 | | | shb.minor_version = PCAPNG_MINOR_VERSION; |
| 293 | | | shb.section_length = -1; |
| 294 | | | WRITE_DATA(fp, &shb, sizeof(struct shb), *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 295 | | | |
| 296 | | | if ((strlen(appname) > 0) && (strlen(appname) < G_MAXUINT16)) {
x /usr/include/glib-2.0/glib/gtypes.h |
| |
68 | #define G_MAXUINT16 ((guint16) 0xffff) |
| |
|
| 297 | | | |
| 298 | | | option.type = SHB_USERAPPL; |
| 299 | | | option.value_length = (guint16)(strlen(appname) + 1); |
| 300 | | | WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 301 | | | WRITE_DATA(fp, appname, strlen(appname) + 1, *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 302 | | | if ((strlen(appname) + 1) % 4) { |
| 303 | | | WRITE_DATA(fp, &padding, 4 - (strlen(appname) + 1) % 4, *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 304 | | | } |
| 305 | | | |
| 306 | | | option.type = OPT_ENDOFOPT; |
| 307 | | | option.value_length = 0; |
| 308 | | | WRITE_DATA(fp, &option, sizeof(struct option), *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 309 | | | } |
| 310 | | | |
| 311 | | | WRITE_DATA(fp, &block_total_length, sizeof(guint32), *bytes_written, err);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/pcapio.c |
| |
173 | #define WRITE_DATA(file_pointer, data_pointer, data_length, written_length, error_pointer) \ |
174 | { \ |
175 | do { \ |
176 | size_t nwritten; \ |
177 | \ |
178 | nwritten = fwrite(data_pointer, 1, data_length, file_pointer); \ |
179 | if (nwritten != data_length) { \ |
180 | if (nwritten == 0 && ferror(file_pointer)) { \ |
181 | *error_pointer = errno; \ |
182 | } else { \ |
183 | *error_pointer = 0; \ |
184 | } \ |
185 | fclose(file_pointer); \ |
186 | return FALSE; \ |
187 | } \ |
188 | written_length += (long)nwritten; \ |
189 | } while (0); \ |
190 | } |
| |
|
| 312 | | | return TRUE; |
| 313 | | | } |
| |