(/home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c) |
| |
| 670 | | | main(int argc, char *argv[]) |
| 671 | | | { |
| 672 | | | wtap *wth; |
| 673 | | | int i, j, err; |
| 674 | | | gchar *err_info; |
| 675 | | | extern char *optarg; |
| 676 | | | extern int optind; |
| 677 | | | int opt; |
| 678 | | | char *p; |
| 679 | | | unsigned int snaplen = 0; |
| 680 | | | unsigned int choplen = 0; |
| 681 | | | wtap_dumper *pdh = NULL; |
Event 1:
pdh is set to NULL. - Dereferenced later, causing the null pointer dereference.
hide
|
|
| 682 | | | int count = 1; |
| 683 | | | unsigned duplicate_count = 0; |
| 684 | | | gint64 data_offset; |
| 685 | | | struct wtap_pkthdr snap_phdr; |
| 686 | | | const struct wtap_pkthdr *phdr; |
| 687 | | | int err_type; |
| 688 | | | guint8 *buf; |
| 689 | | | int split_packet_count = 0; |
| 690 | | | int written_count = 0; |
| 691 | | | char *filename = NULL; |
| 692 | | | gboolean check_ts; |
| 693 | | | int secs_per_block = 0; |
| 694 | | | int block_cnt = 0; |
| 695 | | | nstime_t block_start; |
| 696 | | | gchar *fprefix = NULL; |
| 697 | | | gchar *fsuffix = NULL; |
| 698 | | | |
| 699 | | | #ifdef HAVE_PLUGINS |
| 700 | | | char* init_progfile_dir_error; |
| 701 | | | #endif |
| 702 | | | |
| 703 | | | |
| 704 | | | |
| 705 | | | |
| 706 | | | get_credential_info(); |
| 707 | | | |
| 708 | | | #ifdef HAVE_PLUGINS |
| 709 | | | |
| 710 | | | if ((init_progfile_dir_error = init_progfile_dir(argv[0], main))) { |
Event 2:
Taking false branch. init_progfile_dir_error = init_progfile_dir(...) evaluates to false.
hide
|
|
| 711 | | | g_warning("capinfos: init_progfile_dir(): %s", init_progfile_dir_error);
x /usr/include/glib-2.0/glib/gmessages.h |
| |
153 | #define g_warning(...) g_log (G_LOG_DOMAIN, \ |
154 | G_LOG_LEVEL_WARNING, \ |
155 | __VA_ARGS__) |
| |
|
| 712 | | | g_free(init_progfile_dir_error); |
| 713 | | | } else { |
| 714 | | | init_report_err(failure_message,NULL,NULL,NULL); |
| 715 | | | init_plugins(); |
| 716 | | | } |
| 717 | | | #endif |
| 718 | | | |
| 719 | | | |
| 720 | | | while ((opt = getopt(argc, argv, "A:B:c:C:dD:E:F:hrs:i:t:T:vw:")) !=-1) { |
| 721 | | | |
| 722 | | | switch (opt) { |
| 723 | | | |
| 724 | | | case 'E': |
| 725 | | | err_prob = strtod(optarg, &p); |
| 726 | | | if (p == optarg || err_prob < 0.0 || err_prob > 1.0) { |
| 727 | | | fprintf(stderr, "editcap: probability \"%s\" must be between 0.0 and 1.0\n", |
| 728 | | | optarg); |
| 729 | | | exit(1); |
| 730 | | | } |
| 731 | | | srand( (unsigned int) (time(NULL) + getpid()) ); |
| 732 | | | break; |
| 733 | | | |
| 734 | | | case 'F': |
| 735 | | | out_file_type = wtap_short_string_to_file_type(optarg); |
| 736 | | | if (out_file_type < 0) { |
| 737 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid capture file type\n\n", |
| 738 | | | optarg); |
| 739 | | | list_capture_types(); |
| 740 | | | exit(1); |
| 741 | | | } |
| 742 | | | break; |
| 743 | | | |
| 744 | | | case 'c': |
| 745 | | | split_packet_count = strtol(optarg, &p, 10); |
| 746 | | | if (p == optarg || *p != '\0') { |
| 747 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid packet count\n", |
| 748 | | | optarg); |
| 749 | | | exit(1); |
| 750 | | | } |
| 751 | | | if (split_packet_count <= 0) { |
| 752 | | | fprintf(stderr, "editcap: \"%d\" packet count must be larger than zero\n", |
| 753 | | | split_packet_count); |
| 754 | | | exit(1); |
| 755 | | | } |
| 756 | | | break; |
| 757 | | | |
| 758 | | | case 'C': |
| 759 | | | choplen = strtol(optarg, &p, 10); |
| 760 | | | if (p == optarg || *p != '\0') { |
| 761 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid chop length\n", |
| 762 | | | optarg); |
| 763 | | | exit(1); |
| 764 | | | } |
| 765 | | | break; |
| 766 | | | |
| 767 | | | case 'd': |
| 768 | | | dup_detect = TRUE; |
| 769 | | | dup_detect_by_time = FALSE; |
| 770 | | | dup_window = DEFAULT_DUP_DEPTH; |
| 771 | | | break; |
| 772 | | | |
| 773 | | | case 'D': |
| 774 | | | dup_detect = TRUE; |
| 775 | | | dup_detect_by_time = FALSE; |
| 776 | | | dup_window = strtol(optarg, &p, 10); |
| 777 | | | if (p == optarg || *p != '\0') { |
| 778 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid dupicate window value\n", |
| 779 | | | optarg); |
| 780 | | | exit(1); |
| 781 | | | } |
| 782 | | | if (dup_window < 0 || dup_window > MAX_DUP_DEPTH) {
x /home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c |
| |
91 | #define MAX_DUP_DEPTH 1000000 /* the maximum window (and actual size of fd_hash[]) for de-duplication */ |
| |
|
| 783 | | | fprintf(stderr, "editcap: \"%d\" duplicate window value must be between 0 and %d inclusive.\n", |
| 784 | | | dup_window, MAX_DUP_DEPTH);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c |
| |
91 | #define MAX_DUP_DEPTH 1000000 /* the maximum window (and actual size of fd_hash[]) for de-duplication */ |
| |
|
| 785 | | | exit(1); |
| 786 | | | } |
| 787 | | | break; |
| 788 | | | |
| 789 | | | case 'w': |
| 790 | | | dup_detect = FALSE; |
| 791 | | | dup_detect_by_time = TRUE; |
| 792 | | | dup_window = MAX_DUP_DEPTH;
x /home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c |
| |
91 | #define MAX_DUP_DEPTH 1000000 /* the maximum window (and actual size of fd_hash[]) for de-duplication */ |
| |
|
| 793 | | | set_rel_time(optarg); |
| 794 | | | break; |
| 795 | | | |
| 796 | | | case '?': |
| 797 | | | switch(optopt) { |
| 798 | | | case'F': |
| 799 | | | list_capture_types(); |
| 800 | | | break; |
| 801 | | | case'T': |
| 802 | | | list_encap_types(); |
| 803 | | | break; |
| 804 | | | default: |
| 805 | | | usage(); |
| 806 | | | } |
| 807 | | | exit(1); |
| 808 | | | break; |
| 809 | | | |
| 810 | | | case 'h': |
| 811 | | | usage(); |
| 812 | | | exit(1); |
| 813 | | | break; |
| 814 | | | |
| 815 | | | case 'r': |
| 816 | | | keep_em = !keep_em; |
| 817 | | | break; |
| 818 | | | |
| 819 | | | case 's': |
| 820 | | | snaplen = strtol(optarg, &p, 10); |
| 821 | | | if (p == optarg || *p != '\0') { |
| 822 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid snapshot length\n", |
| 823 | | | optarg); |
| 824 | | | exit(1); |
| 825 | | | } |
| 826 | | | break; |
| 827 | | | |
| 828 | | | case 't': |
| 829 | | | set_time_adjustment(optarg); |
| 830 | | | break; |
| 831 | | | |
| 832 | | | case 'T': |
| 833 | | | out_frame_type = wtap_short_string_to_encap(optarg); |
| 834 | | | if (out_frame_type < 0) { |
| 835 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid encapsulation type\n\n", |
| 836 | | | optarg); |
| 837 | | | list_encap_types(); |
| 838 | | | exit(1); |
| 839 | | | } |
| 840 | | | break; |
| 841 | | | |
| 842 | | | case 'v': |
| 843 | | | verbose = !verbose; |
| 844 | | | break; |
| 845 | | | |
| 846 | | | case 'i': |
| 847 | | | secs_per_block = atoi(optarg); |
| 848 | | | if(secs_per_block <= 0) { |
| 849 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time interval\n\n", optarg); |
| 850 | | | exit(1); |
| 851 | | | } |
| 852 | | | break; |
| 853 | | | |
| 854 | | | case 'A': |
| 855 | | | { |
| 856 | | | struct tm starttm; |
| 857 | | | |
| 858 | | | memset(&starttm,0,sizeof(struct tm)); |
| 859 | | | |
| 860 | | | if(!strptime(optarg,"%Y-%m-%d %T",&starttm)) { |
| 861 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg); |
| 862 | | | exit(1); |
| 863 | | | } |
| 864 | | | |
| 865 | | | check_startstop = TRUE; |
| 866 | | | starttm.tm_isdst = -1; |
| 867 | | | |
| 868 | | | starttime = mktime(&starttm); |
| 869 | | | break; |
| 870 | | | } |
| 871 | | | |
| 872 | | | case 'B': |
| 873 | | | { |
| 874 | | | struct tm stoptm; |
| 875 | | | |
| 876 | | | memset(&stoptm,0,sizeof(struct tm)); |
| 877 | | | |
| 878 | | | if(!strptime(optarg,"%Y-%m-%d %T",&stoptm)) { |
| 879 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg); |
| 880 | | | exit(1); |
| 881 | | | } |
| 882 | | | check_startstop = TRUE; |
| 883 | | | stoptm.tm_isdst = -1; |
| 884 | | | stoptime = mktime(&stoptm); |
| 885 | | | break; |
| 886 | | | } |
| 887 | | | } |
| 888 | | | |
| 889 | | | } |
| 890 | | | |
| 891 | | | #ifdef DEBUG |
| 892 | | | printf("Optind = %i, argc = %i\n", optind, argc); |
| 893 | | | #endif |
| 894 | | | |
| 895 | | | if ((argc - optind) < 1) { |
Event 4:
Skipping " if". argc - optind < 1 evaluates to false.
hide
|
|
| 896 | | | |
| 897 | | | usage(); |
| 898 | | | exit(1); |
| 899 | | | |
| 900 | | | } |
| 901 | | | |
| 902 | | | if (check_startstop && !stoptime) { |
Event 5:
Skipping " if". check_startstop evaluates to false.
hide
|
|
| 903 | | | struct tm stoptm; |
| 904 | | | |
| 905 | | | memset(&stoptm,0,sizeof(struct tm)); |
| 906 | | | stoptm.tm_year = 135; |
| 907 | | | stoptm.tm_mday = 31; |
| 908 | | | stoptm.tm_mon = 11; |
| 909 | | | |
| 910 | | | stoptime = mktime(&stoptm); |
| 911 | | | } |
| 912 | | | |
| 913 | | | nstime_set_unset(&block_start); |
| 914 | | | |
| 915 | | | if (starttime > stoptime) { |
Event 6:
Skipping " if". starttime > stoptime evaluates to false.
hide
|
|
| 916 | | | fprintf(stderr, "editcap: start time is after the stop time\n"); |
| 917 | | | exit(1); |
| 918 | | | } |
| 919 | | | |
| 920 | | | if (split_packet_count > 0 && secs_per_block > 0) { |
Event 7:
Skipping " if". split_packet_count > 0 evaluates to false.
hide
|
|
| 921 | | | fprintf(stderr, "editcap: can't split on both packet count and time interval\n"); |
| 922 | | | fprintf(stderr, "editcap: at the same time\n"); |
| 923 | | | exit(1); |
| 924 | | | } |
| 925 | | | |
| 926 | [+] | | wth = wtap_open_offline(argv[optind], &err, &err_info, FALSE); |
 |
| 927 | | | |
| 928 | | | if (!wth) { |
Event 25:
Skipping " if". wth evaluates to true.
hide
|
|
| 929 | | | fprintf(stderr, "editcap: Can't open %s: %s\n", argv[optind], |
| 930 | | | wtap_strerror(err)); |
| 931 | | | switch (err) { |
| 932 | | | |
| 933 | | | case WTAP_ERR_UNSUPPORTED: |
| 934 | | | case WTAP_ERR_UNSUPPORTED_ENCAP: |
| 935 | | | case WTAP_ERR_BAD_RECORD: |
| 936 | | | fprintf(stderr, "(%s)\n", err_info); |
| 937 | | | g_free(err_info); |
| 938 | | | break; |
| 939 | | | } |
| 940 | | | exit(2); |
| 941 | | | |
| 942 | | | } |
| 943 | | | |
| 944 | | | if (verbose) { |
Event 26:
Taking true branch. verbose evaluates to true.
hide
|
|
| 945 | | | fprintf(stderr, "File %s is a %s capture file.\n", argv[optind], |
| 946 | | | wtap_file_type_string(wtap_file_type(wth))); |
| 947 | | | } |
| 948 | | | |
| 949 | | | |
| 950 | | | |
| 951 | | | |
| 952 | | | |
| 953 | | | |
| 954 | | | if ((argc - optind) >= 2) { |
Event 27:
Taking true branch. argc - optind >= 2 evaluates to true.
hide
|
|
| 955 | | | |
| 956 | | | if (out_frame_type == -2) |
Event 28:
Taking true branch. out_frame_type == -2 evaluates to true.
hide
|
|
| 957 | | | out_frame_type = wtap_file_encap(wth); |
| 958 | | | |
| 959 | | | for (i = optind + 2; i < argc; i++) |
Event 29:
Leaving loop. i < argc evaluates to false.
hide
|
|
| 960 | | | if (add_selection(argv[i]) == FALSE) |
| 961 | | | break; |
| 962 | | | |
| 963 | | | if (dup_detect || dup_detect_by_time) { |
Event 30:
Skipping " if". - dup_detect evaluates to false.
- dup_detect_by_time evaluates to false.
hide
|
|
| 964 | | | for (i = 0; i < dup_window; i++) { |
| 965 | | | memset(&fd_hash[i].digest, 0, 16); |
| 966 | | | fd_hash[i].len = 0; |
| 967 | | | nstime_set_unset(&fd_hash[i].time); |
| 968 | | | } |
| 969 | | | } |
| 970 | | | |
| 971 | [+] | | while (wtap_read(wth, &err, &err_info, &data_offset)) { |
 |
| 972 | | | phdr = wtap_phdr(wth); |
| 973 | | | |
| 974 | | | if (nstime_is_unset(&block_start)) { |
| 975 | | | block_start.secs = phdr->ts.secs; |
| 976 | | | block_start.nsecs = phdr->ts.nsecs; |
| 977 | | | |
| 978 | | | if (split_packet_count > 0 || secs_per_block > 0) { |
| 979 | | | if (!(argv[optind+1], &fprefix, &fsuffix)) |
| 980 | | | exit(2); |
| 981 | | | |
| 982 1222 |  | | [ Lines 982 to 1222 omitted. ] |
| 1223 | | | &err)) { |
| 1224 | | | fprintf(stderr, "editcap: Error writing to %s: %s\n", |
| 1225 | | | filename, wtap_strerror(err)); |
| 1226 | | | exit(2); |
| 1227 | | | } |
| 1228 | | | written_count++; |
| 1229 | | | } |
| 1230 | | | count++; |
| 1231 | | | } |
| 1232 | | | |
| 1233 | | | g_free(filename); |
| 1234 | | | g_free(fprefix); |
| 1235 | | | g_free(fsuffix); |
| 1236 | | | |
| 1237 | | | if (err != 0) { |
Event 36:
Skipping " if". err != 0 evaluates to false.
hide
|
|
| 1238 | | | |
| 1239 | | | fprintf(stderr, |
| 1240 | | | "editcap: An error occurred while reading \"%s\": %s.\n", |
| 1241 | | | argv[optind], wtap_strerror(err)); |
| 1242 | | | switch (err) { |
| 1243 | | | |
| 1244 | | | case WTAP_ERR_UNSUPPORTED: |
| 1245 | | | case WTAP_ERR_UNSUPPORTED_ENCAP: |
| 1246 | | | case WTAP_ERR_BAD_RECORD: |
| 1247 | | | fprintf(stderr, "(%s)\n", err_info); |
| 1248 | | | g_free(err_info); |
| 1249 | | | break; |
| 1250 | | | } |
| 1251 | | | } |
| 1252 | | | |
| 1253 | [+] | | if (!wtap_dump_close(pdh, &err)) { |
Event 37:
pdh, which evaluates to NULL, is passed to wtap_dump_close() as the first argument. See related event 1.
hide
|
|
 |
| |