(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/index/maildir/maildir-storage.c) |
| |
| 598 | | | static int maildir_mailbox_create(struct mail_storage *_storage, |
| 599 | | | const char *name, |
| 600 | | | bool directory ATTR_UNUSED) |
| 601 | | | { |
| 602 | | | struct stat st; |
| 603 | | | const char *path, *root_dir, *shared_path, *gid_origin; |
| 604 | | | mode_t old_mask; |
| 605 | | | int fd; |
| 606 | | | |
| 607 | | | path = mailbox_list_get_path(_storage->list, name, |
| 608 | | | MAILBOX_LIST_PATH_TYPE_MAILBOX); |
| 609 | | | root_dir = mailbox_list_get_path(_storage->list, NULL, |
| 610 | | | MAILBOX_LIST_PATH_TYPE_MAILBOX); |
| 611 | | | |
| 612 | | | |
| 613 | | | |
| 614 | [+] | | shared_path = t_strconcat(root_dir, "/dovecot-shared", NULL); |
 |
| 615 | | | if (stat(shared_path, &st) == 0) { |
Event 7:
shared_path, which evaluates to NULL, is passed to stat64() as the first argument. See related event 6.
hide
Null Pointer Dereference
The body of stat64() dereferences shared_path, but it is NULL. The issue can occur if the highlighted code executes. See related event 7. Show: All events | Only primary events |
|
| |