(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/list/mailbox-list-fs-iter.c) |
| |
| 64 | | | pattern_get_path_pos(struct fs_list_iterate_context *ctx, const char *pattern, |
| 65 | | | const char *path, unsigned int *pos_r) |
| 66 | | | { |
| 67 | | | unsigned int i, j; |
| 68 | | | |
| 69 | | | if (strncasecmp(path, "INBOX", 5) == 0 && path[5] == ctx->sep) { |
Event 1:
Taking true branch. - strncasecmp(...) == 0 evaluates to true.
- path[5] == ctx->sep evaluates to true.
hide
|
|
| 70 | | | |
| 71 | [+] | | char *tmp = t_strdup_noconst(pattern); |
 |
| 72 | | | |
| 73 | | | if (strncmp(path, "INBOX", 5) != 0) |
Event 6:
Skipping " if". strncmp(path, "INBOX", 5) != 0 evaluates to false.
hide
|
|
| 74 | | | path = t_strdup_printf("INBOX%c%s", ctx->sep, path + 6); |
| 75 | | | |
| 76 | | | for (i = 0; tmp[i] != ctx->sep && tmp[i] != '\0'; i++) |
Null Pointer Dereference
tmp is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 5. Show: All events | Only primary events |
|
| |