(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/index/dbox/dbox-index.c) |
| |
| 681 | | | dbox_index_append_file_record(struct dbox_index_append_context *ctx, |
| 682 | | | struct dbox_index_record *record, |
| 683 | | | uoff_t mail_size, struct dbox_file **file_r, |
| 684 | | | struct ostream **output_r) |
| 685 | | | { |
| 686 | | | struct dbox_file *const *files, *file; |
| 687 | | | enum dbox_index_file_lock_status lock_status; |
| 688 | | | unsigned int i, count; |
| 689 | | | |
| 690 | | | if (record->status != DBOX_INDEX_FILE_STATUS_APPENDABLE) |
Event 1:
Skipping " if". record->status != DBOX_INDEX_FILE_STATUS_APPENDABLE evaluates to false.
hide
|
|
| 691 | | | return FALSE; |
| 692 | | | |
| 693 | | | if (record->expunges) |
Event 2:
Skipping " if". record->expunges evaluates to false.
hide
|
|
| 694 | | | return FALSE; |
| 695 | | | |
| 696 | | | |
| 697 | | | |
| 698 | | | files = array_get(&ctx->files, &count);
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/array.h |
| |
156 | #define array_get(array, count) \ |
157 | ARRAY_TYPE_CAST_CONST(array)array_get_i(&(array)->arr, count) |
| |
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/array.h |
| |
43 | # define ARRAY_TYPE_CAST_CONST(array) \ |
44 | (typeof(*(array)->v)) |
| |
|
| 699 | | | for (i = 0; i < count; i++) { |
Event 3:
Leaving loop. i < count evaluates to false.
hide
|
|
| 700 | | | if (files[i]->file_id == record->file_id) |
| 701 | | | return FALSE; |
| 702 | | | } |
| 703 | | | i_assert(!record->locked);
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/macros.h |
| |
189 | #define i_assert(expr) STMT_START{ \ |
190 | if (unlikely(!(expr))) \ |
191 | i_panic("file %s: line %d (%s): assertion failed: (%s)", \ |
192 | __FILE__, \ |
193 | __LINE__, \ |
194 | __PRETTY_FUNCTION__, \ |
195 | #expr); }STMT_END |
| |
|
Event 4:
Skipping " if". !record->locked evaluates to true.
hide
Event 5:
Skipping " if". !!record->locked evaluates to false.
hide
Event 6:
Skipping " if". !!!record->locked evaluates to true.
hide
Event 7:
Skipping " if". !!!!record->locked evaluates to false.
hide
Event 8:
Skipping " if". __builtin_expect(...) evaluates to false.
hide
|
|
| 704 | | | |
| 705 | | | if (dbox_index_try_lock_file(ctx->index, record->file_id, |
| 706 | | | &lock_status) <= 0) |
Event 9:
Skipping " if". dbox_index_try_lock_file(...) <= 0 evaluates to false.
hide
|
|
| 707 | | | return FALSE; |
| 708 | | | |
| 709 | | | |
| 710 | [+] | | file = dbox_file_init(ctx->index->mbox, record->file_id); |
Event 10:
The resource of interest is allocated inside dbox_file_init().
hide
|
|
 |
| 711 | [+] | | if (dbox_file_get_append_stream(file, mail_size, output_r) <= 0) { |
Event 27:
The resource of interest is passed to dbox_file_get_append_stream() as the first argument. - dbox_file_get_append_stream() does not free it or save any references that are freed later.
- file, which evaluates to malloc(size) from imem.c:9, is passed to dbox_file_get_append_stream() as the first argument.
See related event 26.
hide
|
|
 |
| 712 | | | dbox_index_unlock_file(ctx->index, record->file_id); |
| 713 | [+] | | dbox_file_unref(&file); |
Event 37:
&file is passed to dbox_file_unref().
hide
|
|
 |
| |