(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-sccp.c) |
| |
| 1605 | | | dissect_sccp_data_param(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) |
| 1606 | | | { |
| 1607 | | | guint8 ssn = INVALID_SSN; |
| 1608 | | | guint8 other_ssn = INVALID_SSN; |
| 1609 | | | const mtp3_addr_pc_t* dpc; |
| 1610 | | | const mtp3_addr_pc_t* opc; |
| 1611 | | | |
| 1612 | | | if (trace_sccp && assoc && assoc != &no_assoc) { |
Event 1:
Taking false branch. - trace_sccp evaluates to true.
- assoc evaluates to false.
hide
Event 2:
Considering the case where assoc is equal to 0.
hide
|
|
| 1613 | | | pinfo->sccp_info = assoc->curr_msg; |
| 1614 | | | } else { |
| 1615 | | | pinfo->sccp_info = NULL; |
| 1616 | | | } |
| 1617 | | | |
| 1618 | | | switch (pinfo->p2p_dir) { |
Event 3:
Executing default case.
hide
|
|
| 1619 | | | case P2P_DIR_SENT: |
| 1620 | | | ssn = assoc->calling_ssn; |
| 1621 | | | other_ssn = assoc->called_ssn; |
| 1622 | | | dpc = (const mtp3_addr_pc_t*)pinfo->dst.data; |
| 1623 | | | opc = (const mtp3_addr_pc_t*)pinfo->src.data; |
| 1624 | | | break; |
| 1625 | | | case P2P_DIR_RECV: |
| 1626 | | | ssn = assoc->called_ssn; |
| 1627 | | | other_ssn = assoc->calling_ssn; |
| 1628 | | | dpc = (const mtp3_addr_pc_t*)pinfo->src.data; |
| 1629 | | | opc = (const mtp3_addr_pc_t*)pinfo->dst.data; |
| 1630 | | | break; |
| 1631 | | | default: |
| 1632 | | | ssn = assoc->called_ssn; |
Null Pointer Dereference
assoc is dereferenced here, but it is NULL. - The pointer is assoc, which must be equal to 0.
The issue can occur if the highlighted code executes. See related event 2. Show: All events | Only primary events |
|
| |