(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/buffer.c) |
| |
| 176 | | | void buffer_insert(buffer_t *_buf, size_t pos, |
| 177 | | | const void *data, size_t data_size) |
| 178 | | | { |
| 179 | | | struct real_buffer *buf = (struct real_buffer *)_buf; |
| 180 | | | |
| 181 | | | if (pos >= buf->used) |
Event 1:
Taking false branch. pos >= buf->used evaluates to false.
hide
|
|
| 182 | | | buffer_write(_buf, pos, data, data_size); |
| 183 | | | else { |
| 184 | [+] | | buffer_copy(_buf, pos + data_size, _buf, pos, (size_t)-1); |
Event 2:
-1 is passed to buffer_copy() as the fifth argument. - Determines the size in the Unreasonable Size Argument warning later.
hide
|
|
 |
| |