(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/auth-client-connection.c) |
| |
| 192 | | | static void auth_client_input(struct auth_client_connection *conn) |
| 193 | | | { |
| 194 | | | char *line; |
| 195 | | | bool ret; |
| 196 | | | |
| 197 | [+] | | switch (i_stream_read(conn->input)) { |
 |
| 198 | | | case 0: |
| 199 | | | return; |
| 200 | | | case -1: |
| 201 | | | |
| 202 | | | auth_client_connection_destroy(&conn); |
| 203 | | | return; |
| 204 | | | case -2: |
| 205 | | | |
| 206 | | | i_error("BUG: Auth client %u sent us more than %d bytes", |
| 207 | | | conn->pid, (int)AUTH_CLIENT_MAX_LINE_LENGTH); |
| 208 | | | auth_client_connection_destroy(&conn); |
| 209 | | | return; |
| 210 | | | } |
| 211 | | | |
| 212 | | | while (conn->request_handler == NULL) { |
Event 16:
Leaving loop. conn->request_handler == (void *)0 evaluates to false.
hide
|
|
| 213 | | | |
| 214 | | | line = i_stream_next_line(conn->input); |
| 215 | | | if (line == NULL) |
| 216 | | | return; |
| 217 | | | |
| 218 | | | if (!conn->version_received) { |
| 219 | | | |
| 220 | | | if (strncmp(line, "VERSION\t", 8) != 0 || |
| 221 | | | atoi(t_strcut(line + 8, '\t')) != |
| 222 | | | AUTH_CLIENT_PROTOCOL_MAJOR_VERSION) { |
| 223 236 |  | | [ Lines 223 to 236 omitted. ] |
| 237 | | | } |
| 238 | | | } else { |
| 239 | | | i_error("BUG: Authentication client sent " |
| 240 | | | "unknown handshake command: %s", |
| 241 | | | str_sanitize(line, 80)); |
| 242 | | | auth_client_connection_destroy(&conn); |
| 243 | | | return; |
| 244 | | | } |
| 245 | | | } |
| 246 | | | |
| 247 | | | conn->refcount++; |
| 248 | | | while ((line = i_stream_next_line(conn->input)) != NULL) { |
Event 17:
Entering loop body. (line = i_stream_next_line(...)) != (void *)0 evaluates to true.
hide
|
|
| 249 | | | T_BEGIN {
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/data-stack.h |
| |
49 | #define T_BEGIN \ |
50 | STMT_START { unsigned int _data_stack_cur_id = t_push(); |
| |
|
| 250 | | | ret = auth_client_handle_line(conn, line); |
| 251 | | | safe_memset(line, 0, strlen(line)); |
| 252 | | | } T_END; |
| 253 | | | |
| 254 | | | if (!ret) { |
Event 18:
Taking true branch. ret evaluates to false.
hide
|
|
| 255 | | | struct auth_client_connection *tmp_conn = conn; |
Event 19:
tmp_conn is set to conn.
hide
|
|
| 256 | [+] | | auth_client_connection_destroy(&tmp_conn); |
Event 20:
&tmp_conn is passed to auth_client_connection_destroy().
hide
|
|
 |
| 257 | | | break; |
| 258 | | | } |
| 259 | | | } |
| 260 | [+] | | auth_client_connection_unref(&conn); |
Event 35:
&conn is passed to auth_client_connection_unref().
hide
|
|
 |
| |