(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/master/master-settings.c) |
| |
| 441 | | | static bool auth_settings_verify(struct auth_settings *auth) |
| 442 | | | { |
| 443 | | | struct passwd *pw; |
| 444 | | | struct auth_socket_settings *s; |
| 445 | | | |
| 446 | | | if ((pw = getpwnam(auth->user)) == NULL) { |
Event 1:
Skipping " if". (pw = getpwnam(...)) == (void *)0 evaluates to false.
hide
|
|
| 447 | | | i_error("Auth user doesn't exist: %s", auth->user); |
| 448 | | | return FALSE; |
| 449 | | | } |
| 450 | | | |
| 451 | | | if (auth->parent->defaults->login_uid == pw->pw_uid && |
Event 2:
Skipping " if". auth->parent->defaults->login_uid == pw->pw_uid evaluates to false.
hide
|
|
| 452 | | | master_uid != pw->pw_uid) { |
| 453 | | | i_error("login_user %s (uid %s) must not be same as auth_user", |
| 454 | | | auth->user, dec2str(pw->pw_uid)); |
| 455 | | | return FALSE; |
| 456 | | | } |
| 457 | | | auth->uid = pw->pw_uid; |
| 458 | | | auth->gid = pw->pw_gid; |
| 459 | | | |
| 460 | | | if (access(t_strcut(auth->executable, ' '), X_OK) < 0) {
x /usr/include/unistd.h |
| |
284 | #define X_OK 1 /* Test for execute permission. */ |
| |
|
Event 3:
Skipping " if". access(...) < 0 evaluates to false.
hide
|
|
| 461 | | | i_error("auth_executable: Can't use %s: %m", |
| 462 | | | t_strcut(auth->executable, ' ')); |
| 463 | | | return FALSE; |
| 464 | | | } |
| 465 | | | |
| 466 | [+] | | fix_base_path(auth->parent->defaults, &auth->chroot); |
Event 4:
&auth->chroot is passed to fix_base_path() as the second argument.
hide
|
|
 |
| 467 | | | if (*auth->chroot != '\0' && access(auth->chroot, X_OK) < 0) {
x /usr/include/unistd.h |
| |
284 | #define X_OK 1 /* Test for execute permission. */ |
| |
|
Null Pointer Dereference
auth->chroot is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 13. Show: All events | Only primary events |
|
| |