(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.c) |
| |
| 5973 | | | proto_item * |
| 5974 | | | proto_tree_add_bits_ret_val(proto_tree *tree, int hf_index, tvbuff_t *tvb, gint bit_offset, gint no_of_bits, guint64 *return_value, gboolean little_endian) |
| 5975 | | | { |
| 5976 | | | const char *format = NULL; |
| 5977 | | | gint offset; |
| 5978 | | | guint length; |
| 5979 | | | guint8 tot_no_bits; |
| 5980 | | | guint8 remaining_bits; |
| 5981 | | | guint64 mask = 0,tmp; |
| 5982 | | | char *str; |
| 5983 | | | *hf_field; |
| 5984 | | | guint64 value = 0; |
| 5985 | | | int bit; |
| 5986 | | | int i; |
| 5987 | | | |
| 5988 | | | hf_field = proto_registrar_get_nth(hf_index); |
| 5989 | | | |
| 5990 | | | if(hf_field -> bitmask != 0) { |
| 5991 | | | REPORT_DISSECTOR_BUG(ep_strdup_printf("Incompatible use of proto_tree_add_bits_ret_val with field '%s' (%s) with bitmask != 0",
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 5992 | | | hf_field->abbrev, hf_field->name)); |
| 5993 | | | } |
| 5994 | | | |
| 5995 | | | DISSECTOR_ASSERT(bit_offset >= 0);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
117 | #define DISSECTOR_ASSERT(expression) \ |
118 | ((void) ((expression) ? (void)0 : \ |
119 | __DISSECTOR_ASSERT (expression, __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
138 | #define __DISSECTOR_ASSERT(expression, file, lineno) \ |
139 | (REPORT_DISSECTOR_BUG( \ |
140 | ep_strdup_printf("%s:%u: failed assertion \"%s\"", \ |
141 | file, lineno, __DISSECTOR_ASSERT_STRINGIFY(expression)))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 5996 | | | DISSECTOR_ASSERT(no_of_bits > 0);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
117 | #define DISSECTOR_ASSERT(expression) \ |
118 | ((void) ((expression) ? (void)0 : \ |
119 | __DISSECTOR_ASSERT (expression, __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
138 | #define __DISSECTOR_ASSERT(expression, file, lineno) \ |
139 | (REPORT_DISSECTOR_BUG( \ |
140 | ep_strdup_printf("%s:%u: failed assertion \"%s\"", \ |
141 | file, lineno, __DISSECTOR_ASSERT_STRINGIFY(expression)))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 5997 | | | |
| 5998 | | | |
| 5999 | | | offset = bit_offset>>3; |
| 6000 | | | |
| 6001 | | | |
| 6002 | | | |
| 6003 | | | |
| 6004 | | | tot_no_bits = ((bit_offset&0x7)+no_of_bits); |
| 6005 | | | length = tot_no_bits>>3; |
| 6006 | | | remaining_bits = tot_no_bits % 8; |
| 6007 | | | if ((remaining_bits)!=0) |
| 6008 | | | length++; |
| 6009 | | | |
| 6010 | | | if (no_of_bits < 9){ |
| 6011 | | | value = tvb_get_bits8(tvb, bit_offset, no_of_bits); |
| 6012 | | | }else if(no_of_bits < 17){ |
| 6013 | | | value = tvb_get_bits16(tvb, bit_offset, no_of_bits, little_endian); |
| 6014 | | | }else if(no_of_bits < 33){ |
| 6015 | | | value = tvb_get_bits32(tvb, bit_offset, no_of_bits, little_endian); |
| 6016 | | | }else if(no_of_bits < 65){ |
| 6017 | | | value = tvb_get_bits64(tvb, bit_offset, no_of_bits, little_endian); |
| 6018 | | | }else{ |
| 6019 | | | DISSECTOR_ASSERT_NOT_REACHED();
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
131 | #define DISSECTOR_ASSERT_NOT_REACHED() \ |
132 | (REPORT_DISSECTOR_BUG( \ |
133 | ep_strdup_printf("%s:%u: failed assertion \"DISSECTOR_ASSERT_NOT_REACHED\"", \ |
134 | __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 6020 | | | return NULL; |
| 6021 | | | } |
| 6022 | | | |
| 6023 | | | if(return_value){ |
| 6024 | | | *return_value=value; |
| 6025 | | | } |
| 6026 | | | |
| 6027 | | | mask = 1; |
| 6028 | | | mask = mask << (no_of_bits-1); |
| 6029 | | | |
| 6030 | | | |
| 6031 | | | str=ep_alloc(256); |
| 6032 | | | str[0]='\0'; |
| 6033 | | | for(bit=0;bit<((int)(bit_offset&0x07));bit++){ |
| 6034 | | | if(bit&&(!(bit%4))){ |
| 6035 | | | strcat(str, " "); |
| 6036 | | | } |
| 6037 | | | strcat(str,"."); |
| 6038 | | | } |
| 6039 | | | |
| 6040 | | | |
| 6041 | | | for(i=0;i<no_of_bits;i++){ |
| 6042 | | | if(bit&&(!(bit%4))){ |
| 6043 | | | strcat(str, " "); |
| 6044 | | | } |
| 6045 | | | if(bit&&(!(bit%8))){ |
| 6046 | | | strcat(str, " "); |
| 6047 | | | } |
| 6048 | | | bit++; |
| 6049 | | | tmp = value & mask; |
| 6050 | | | if(tmp != 0){ |
| 6051 | | | strcat(str, "1"); |
| 6052 | | | } else { |
| 6053 | | | strcat(str, "0"); |
| 6054 | | | } |
| 6055 | | | mask = mask>>1; |
| 6056 | | | } |
| 6057 | | | |
| 6058 | | | for(;bit%8;bit++){ |
| 6059 | | | if(bit&&(!(bit%4))){ |
| 6060 | | | strcat(str, " "); |
| 6061 | | | } |
| 6062 | | | strcat(str,"."); |
| 6063 | | | } |
| 6064 | | | |
| 6065 | | | strcat(str," = "); |
| 6066 | | | strcat(str,hf_field->name); |
| 6067 | | | |
| 6068 | | | switch(hf_field->type){ |
| 6069 | | | case FT_BOOLEAN: |
| 6070 | | | |
| 6071 | | | if (hf_field->strings) { |
| 6072 | | | const true_false_string *tfstring = |
| 6073 | | | (const true_false_string *) hf_field->strings; |
| 6074 | | | return proto_tree_add_boolean_format(tree, hf_index, tvb, offset, length, (guint32)value, |
| 6075 | | | "%s: %s", |
| 6076 | | | str, |
| 6077 | | | (guint32)value ? tfstring->true_string : tfstring->false_string); |
| 6078 | | | }else{ |
| 6079 | | | return proto_tree_add_boolean_format(tree, hf_index, tvb, offset, length, (guint32)value, |
| 6080 | | | "%s: %u", |
| 6081 | | | str, |
| 6082 | | | (guint32)value); |
| 6083 | | | } |
| 6084 | | | break; |
| 6085 | | | |
| 6086 | | | case FT_UINT8: |
| 6087 | | | case FT_UINT16: |
| 6088 | | | case FT_UINT24: |
| 6089 | | | case FT_UINT32: |
| 6090 | | | |
| 6091 | | | if (hf_field->strings) { |
| 6092 | | | return proto_tree_add_uint_format(tree, hf_index, tvb, offset, length, (guint32)value, |
| 6093 | | | "%s: %s (%u)", |
| 6094 | | | str, (hf_field->display & BASE_RANGE_STRING) ? |
| 6095 | | | rval_to_str((guint32)value, hf_field->strings, "Unknown ") : |
| 6096 | | | val_to_str((guint32)value, cVALS(hf_field->strings), "Unknown "), |
| 6097 | | | (guint32)value); |
| 6098 | | | break; |
| 6099 | | | } |
| 6100 | | | |
| 6101 | | | format = hfinfo_uint_format(hf_field); |
| 6102 | | | if (IS_BASE_DUAL(hf_field->display)) {
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
162 | #define IS_BASE_DUAL(b) ((b)==BASE_DEC_HEX||(b)==BASE_HEX_DEC) |
| |
|
| 6103 | | | return proto_tree_add_uint_format(tree, hf_index, tvb, offset, length, (guint32)value, |
| 6104 | | | format, str, (guint32)value, (guint32)value); |
Format String
proto_tree_add_uint_format() is being called with a format string that is not constant. The format string (seventh argument) may not match the other arguments to proto_tree_add_uint_format(); this could lead to security or stability problems. proto_tree_add_uint_format() is usually called with strings that look like format strings in this project. |
|
| 6105 | | | } else { |
| 6106 | | | return proto_tree_add_uint_format(tree, hf_index, tvb, offset, length, (guint32)value, |
| 6107 | | | format, str, (guint32)value); |
| 6108 | | | } |
| 6109 | | | break; |
| 6110 | | | |
| 6111 | | | case FT_UINT64: |
| 6112 | | | |
| 6113 | | | format = hfinfo_uint64_format(hf_field); |
| 6114 | | | if (IS_BASE_DUAL(hf_field->display)) {
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
162 | #define IS_BASE_DUAL(b) ((b)==BASE_DEC_HEX||(b)==BASE_HEX_DEC) |
| |
|
| 6115 | | | return proto_tree_add_uint64_format(tree, hf_index, tvb, offset, length, value, |
| 6116 | | | format, str, value, value); |
| 6117 | | | } else { |
| 6118 | | | return proto_tree_add_uint64_format(tree, hf_index, tvb, offset, length, value, |
| 6119 | | | format, str, value); |
| 6120 | | | } |
| 6121 | | | break; |
| 6122 | | | |
| 6123 | | | default: |
| 6124 | | | DISSECTOR_ASSERT_NOT_REACHED();
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
131 | #define DISSECTOR_ASSERT_NOT_REACHED() \ |
132 | (REPORT_DISSECTOR_BUG( \ |
133 | ep_strdup_printf("%s:%u: failed assertion \"DISSECTOR_ASSERT_NOT_REACHED\"", \ |
134 | __FILE__, __LINE__))) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
106 | #define REPORT_DISSECTOR_BUG(message) \ |
107 | ((getenv("WIRESHARK_ABORT_ON_DISSECTOR_BUG") != NULL) ? \ |
108 | abort() : \ |
109 | THROW_MESSAGE(DissectorError, message)) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/exceptions.h |
| |
226 | #define THROW_MESSAGE(x, y) \ |
227 | except_throw(XCEPT_GROUP_WIRESHARK, (x), (y)) |
| |
|
| 6125 | | | return NULL; |
| 6126 | | | break; |
| 6127 | | | } |
| 6128 | | | } |
| |