(/home/sate/Testcases/c/cve/wireshark-1.2.0/plugins/profinet/packet-dcom-cba-acco.c) |
| |
| 4497 | | | dissect_ICBAAccoSync_WriteItems_rqst(tvbuff_t *tvb, int offset, |
| 4498 | | | packet_info *pinfo, proto_tree *tree, guint8 *drep) |
| 4499 | | | { |
| 4500 | | | guint32 u32Count; |
| 4501 | | | guint32 u32ArraySize; |
| 4502 | | | gchar szStr[1000]; |
| 4503 | | | guint32 u32MaxStr = sizeof(szStr); |
| 4504 | | | guint32 u32Pointer; |
| 4505 | | | guint32 u32VariableOffset; |
| 4506 | | | proto_item *sub_item; |
| 4507 | | | proto_tree *sub_tree; |
| 4508 | | | guint32 u32SubStart; |
| 4509 | | | guint32 u32Idx; |
| 4510 | | | |
| 4511 | | | |
| 4512 | | | offset = dissect_dcom_this(tvb, offset, pinfo, tree, drep); |
| 4513 | | | |
| 4514 | | | offset = dissect_dcom_DWORD(tvb, offset, pinfo, tree, drep, |
| 4515 | | | hf_cba_acco_count, &u32Count); |
| 4516 | | | |
| 4517 | | | offset = dissect_dcom_dcerpc_array_size(tvb, offset, pinfo, tree, drep, |
| 4518 | | | &u32ArraySize); |
| 4519 | | | |
| 4520 | | | u32VariableOffset = offset + u32ArraySize * 8; |
| 4521 | | | u32Idx = 1; |
| 4522 | | | while(u32ArraySize--) { |
Event 1:
Entering loop body. u32ArraySize-- evaluates to true.
hide
|
|
| 4523 | | | sub_item = proto_tree_add_item(tree, hf_cba_writeitemin, tvb, offset, 0, FALSE); |
| 4524 | | | sub_tree = proto_item_add_subtree(sub_item, ett_cba_writeitemin); |
| 4525 | | | u32SubStart = offset; |
| 4526 | | | |
| 4527 | | | offset = dissect_dcom_dcerpc_pointer(tvb, offset, pinfo, sub_tree, drep, |
| 4528 | [+] | | &u32Pointer); |
Event 2:
dissect_dcom_dcerpc_pointer() does not initialize u32Pointer. - This may be because of a failure case or other special case for dissect_dcom_dcerpc_pointer().
hide
|
|
 |
| 4529 | | | if (u32Pointer) { |
Uninitialized Variable
u32Pointer was not initialized. The issue can occur if the highlighted code executes. See related events 2 and 4. Show: All events | Only primary events |
|
| |