(/home/sate/Testcases/c/cve/wireshark-1.2.0/text2pcap.c) |
| |
| 872 | | | parse_token (token_t token, char *str) |
| 873 | | | { |
| 874 | | | unsigned long num; |
| 875 | | | |
| 876 | | | |
| 877 | | | |
| 878 | | | |
| 879 | | | |
| 880 | | | |
| 881 | | | |
| 882 | | | if (debug>=2) { |
Event 1:
Taking true branch. debug >= 2 evaluates to true.
hide
|
|
| 883 | | | |
| 884 | | | char *c; |
| 885 | | | if (str!=NULL) { while ((c = strchr(str, '\r')) != NULL) *c=' '; } |
Event 2:
Skipping " if". str != (void *)0 evaluates to false.
hide
Event 3:
Considering the case where str must have been equal to 0.
hide
|
|
| 886 | | | |
| 887 | | | fprintf(stderr, "(%s, %s \"%s\") -> (", |
| 888 | | | state_str[state], token_str[token], str ? str : ""); |
Event 4:
str evaluates to false.
hide
|
|
| 889 | | | } |
| 890 | | | |
| 891 | | | switch(state) { |
Event 5:
state evaluates to 3.
hide
|
|
| 892 | | | |
| 893 | | | |
| 894 | | | case INIT: |
| 895 | | | switch(token) { |
| 896 | | | case T_TEXT: |
| 897 | | | append_to_preamble(str); |
| 898 | | | break; |
| 899 | | | case T_DIRECTIVE: |
| 900 | | | process_directive(str); |
| 901 | | | break; |
| 902 971 |  | | [ Lines 902 to 971 omitted. ] |
| 972 | | | break; |
| 973 | | | case T_EOL: |
| 974 | | | state = START_OF_LINE; |
| 975 | | | break; |
| 976 | | | default: |
| 977 | | | break; |
| 978 | | | } |
| 979 | | | break; |
| 980 | | | |
| 981 | | | |
| 982 | | | case READ_BYTE: |
| 983 | | | switch(token) { |
Event 6:
token evaluates to 1.
hide
|
|
| 984 | | | case T_BYTE: |
| 985 | | | |
| 986 | [+] | | write_byte(str); |
Event 7:
str is passed to write_byte(). - Dereferenced later, causing the null pointer dereference.
hide
|
|
 |
| |