(/home/sate/Testcases/c/cve/wireshark-1.2.0/plugins/mate/mate_util.c) |
| |
| 1614 | | | extern LoAL* loal_from_file(gchar* filename) { |
| 1615 | | | FILE *fp = NULL; |
| 1616 | | | gchar c; |
| 1617 | | | int i = 0; |
| 1618 | | | guint32 linenum = 1; |
| 1619 | | | gchar linenum_buf[MAX_ITEM_LEN]; |
| 1620 | | | gchar name[MAX_ITEM_LEN]; |
| 1621 | | | gchar value[MAX_ITEM_LEN]; |
| 1622 | | | gchar op = '?'; |
| 1623 | | | LoAL *loal = new_loal(filename); |
| 1624 | | | AVPL* curr = NULL; |
| 1625 | | | AVP* avp; |
| 1626 | | | |
| 1627 | | | enum _load_loal_states { |
| 1628 | | | START, |
| 1629 | | | BEFORE_NAME, |
| 1630 | | | IN_NAME, |
| 1631 | | | IN_VALUE, |
| 1632 | | | MY_IGNORE |
| 1633 | | | } state; |
| 1634 | | | |
| 1635 | | | #ifndef _WIN32 |
| 1636 | | | if (! getuid()) { |
Event 1:
Skipping " if". getuid() evaluates to true.
hide
|
|
| 1637 | | | return load_loal_error(fp,loal,curr,linenum,"MATE Will not run as root"); |
| 1638 | | | } |
| 1639 | | | #endif |
| 1640 | | | |
| 1641 | | | state = START; |
| 1642 | | | |
| 1643 | | | if (( fp = ws_fopen(filename,"r") )) { |
Event 2:
Taking true branch. fp = fopen(filename, "r") evaluates to true.
hide
|
|
| 1644 | | | while(( c = (gchar) fgetc(fp) )){ |
Event 3:
fgetc() returns a potentially dangerous value [ ?potentially dangerous: the value cannot be determined and may come from program input]. - Determines the value that is cast in the Cast Alters Value warning later.
hide
Event 4:
Considering the case where fgetc(fp) is at least -1.
hide
Event 5:
Considering the case where fgetc(fp) is no more than 255.
hide
Cast Alters Value
fgetc(fp) is cast from int to char. - fgetc(fp) could be 128 or higher.
- Values 128 or higher cannot be stored as char. Casting them to char can cause data loss or sign change.
The issue can occur if the highlighted code executes. See related events 3, 4, and 5. Show: All events | Only primary events |
|
| |