(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/index/maildir/maildir-uidlist.c) |
| |
| 558 | | | static int (struct maildir_uidlist *uidlist, |
| 559 | | | struct istream *input) |
| 560 | | | { |
| 561 | | | unsigned int uid_validity, next_uid; |
| 562 | | | string_t *ext_hdr; |
| 563 | | | const char *line; |
| 564 | | | char key; |
| 565 | | | |
| 566 | [+] | | line = i_stream_read_next_line(input); |
 |
| 567 | | | if (line == NULL) { |
Event 15:
Skipping " if". line == (void *)0 evaluates to false.
hide
|
|
| 568 | | | |
| 569 | | | return input->stream_errno == 0 ? 0 : -1; |
| 570 | | | } |
| 571 | | | uidlist->read_line_count = 1; |
| 572 | | | |
| 573 | | | if (*line < '0' || *line > '9' || line[1] != ' ') { |
Event 16:
Skipping " if". - *line < 48 evaluates to false.
- *line > 57 evaluates to false.
- line[1] != 32 evaluates to false.
hide
|
|
| 574 | | | maildir_uidlist_set_corrupted(uidlist, |
| 575 | | | "Corrupted (invalid version number)"); |
| 576 | | | return 0; |
| 577 | | | } |
| 578 | | | |
| 579 | | | uidlist->version = *line - '0'; |
| 580 | | | line += 2; |
| 581 | | | |
| 582 | | | switch (uidlist->version) { |
Event 17:
uidlist->version evaluates to 3.
hide
|
|
| 583 | | | case 1: |
| 584 | | | if (sscanf(line, "%u %u", &uid_validity, &next_uid) != 2) { |
| 585 | | | maildir_uidlist_set_corrupted(uidlist, |
| 586 | | | "Corrupted (version 1)"); |
| 587 | | | return 0; |
| 588 | | | } |
| 589 | | | if (uid_validity == uidlist->uid_validity && |
| 590 | | | next_uid < uidlist->next_uid) { |
| 591 | | | maildir_uidlist_set_corrupted(uidlist, |
| 592 | | | "next_uid was lowered (v1, %u -> %u)", |
| 593 | | | uidlist->next_uid, next_uid); |
| 594 | | | return 0; |
| 595 | | | } |
| 596 | | | break; |
| 597 | | | case UIDLIST_VERSION: |
| 598 | | | ext_hdr = uidlist->hdr_extensions; |
| 599 | | | str_truncate(ext_hdr, 0); |
| 600 | | | while (*line != '\0') T_BEGIN {
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/data-stack.h |
| |
49 | #define T_BEGIN \ |
50 | STMT_START { unsigned int _data_stack_cur_id = t_push(); |
| |
|
Event 18:
Leaving loop. *line != 0 evaluates to false.
hide
|
|
| 601 | | | const char *value; |
| 602 | | | |
| 603 | | | key = *line; |
| 604 | | | value = ++line; |
| 605 | | | while (*line != '\0' && *line != ' ') line++; |
| 606 | | | value = t_strdup_until(value, line); |
| 607 | | | |
| 608 | | | switch (key) { |
| 609 | | | case MAILDIR_UIDLIST_HDR_EXT_UID_VALIDITY: |
| 610 | | | uid_validity = strtoul(value, NULL, 10); |
| 611 | | | break; |
| 612 | | | case MAILDIR_UIDLIST_HDR_EXT_NEXT_UID: |
| 613 | | | next_uid = strtoul(value, NULL, 10); |
| 614 | | | break; |
| 615 | | | default: |
| 616 | | | if (str_len(ext_hdr) > 0) |
| 617 | | | str_append_c(ext_hdr, ' '); |
| 618 | | | str_printfa(ext_hdr, "%c%s", key, value); |
| 619 | | | break; |
| 620 | | | } |
| 621 | | | |
| 622 | | | while (*line == ' ') line++; |
| 623 | | | } T_END; |
| 624 | | | break; |
| 625 | | | default: |
| 626 | | | maildir_uidlist_set_corrupted(uidlist, "Unsupported version %u", |
| 627 | | | uidlist->version); |
| 628 | | | return 0; |
| 629 | | | } |
| 630 | | | |
| 631 | | | if (uid_validity == 0 || next_uid == 0) { |
Uninitialized Variable
uid_validity was not initialized. The issue can occur if the highlighted code executes. Show: All events | Only primary events |
|
| |