(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/login-common/sasl-server.c) |
| |
| 130 | | | void sasl_server_auth_begin(struct client *client, |
| 131 | | | const char *service, const char *mech_name, |
| 132 | | | const char *initial_resp_base64, |
| 133 | | | sasl_server_callback_t *callback) |
| 134 | | | { |
| 135 | | | struct auth_request_info info; |
| 136 | | | const struct auth_mech_desc *mech; |
| 137 | | | const char *error; |
| 138 | | | |
| 139 | | | client->auth_attempts++; |
| 140 | | | client->authenticating = TRUE; |
Event 1:
!0 evaluates to true.
hide
|
|
| 141 | | | i_free(client->auth_mech_name);
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/imem.h |
| |
14 | #define i_free(mem) \ |
15 | STMT_START { \ |
16 | free(mem); \ |
17 | (mem) = NULL; \ |
18 | } STMT_END |
| |
|
| 142 | | | client->auth_mech_name = str_ucase(i_strdup(mech_name)); |
| 143 | | | client->sasl_callback = callback; |
| 144 | | | |
| 145 | | | mech = auth_client_find_mech(auth_client, mech_name); |
| 146 | | | if (mech == NULL) { |
Event 2:
Skipping " if". mech == (void *)0 evaluates to false.
hide
|
|
| 147 | | | sasl_server_auth_failed(client, |
| 148 | | | "Unsupported authentication mechanism."); |
| 149 | | | return; |
| 150 | | | } |
| 151 | | | |
| 152 | | | if (!client->secured && disable_plaintext_auth && |
Event 3:
Skipping " if". client->secured evaluates to true.
hide
|
|
| 153 | | | (mech->flags & MECH_SEC_PLAINTEXT) != 0) { |
| 154 | | | sasl_server_auth_failed(client, |
| 155 | | | "Plaintext authentication disabled."); |
| 156 | | | return; |
| 157 | | | } |
| 158 | | | |
| 159 | | | memset(&info, 0, sizeof(info)); |
| 160 | | | info.mech = mech->name; |
| 161 | | | info.service = service; |
| 162 | | | info.cert_username = client->proxy == NULL ? NULL : |
Event 4:
client->proxy == (void *)0 evaluates to false.
hide
Event 7:
info.cert_username is set to client->proxy == (void *)0 ? (void *)0 : ssl_proxy_get_peer_name(...), which evaluates to NULL. See related event 6.
hide
|
|
| 163 | [+] | | ssl_proxy_get_peer_name(client->proxy); |
 |
| 164 | | | info.flags = client_get_auth_flags(client); |
| 165 | | | info.local_ip = client->local_ip; |
| 166 | | | info.remote_ip = client->ip; |
| 167 | | | info.local_port = client->local_port; |
| 168 | | | info.remote_port = client->remote_port; |
| 169 | | | info.initial_resp_base64 = initial_resp_base64; |
| 170 | | | |
| 171 | | | client->auth_request = |
| 172 | | | auth_client_request_new(auth_client, NULL, &info, |
Event 8:
&info is passed to auth_client_request_new() as the third argument.
hide
|
|
| 173 | [+] | | authenticate_callback, client, &error); |
 |
| |