(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-ssl-utils.c) |
| |
| 2859 | | | ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associations, dissector_handle_t handle, gboolean tcp) |
| 2860 | | | { |
| 2861 | | | gchar* end; |
| 2862 | | | gchar* start; |
| 2863 | | | gchar* tmp; |
| 2864 | | | guchar* ip; |
| 2865 | | | SslService* service; |
| 2866 | | | Ssl_private_key_t * private_key, *tmp_private_key; |
| 2867 | | | FILE* fp; |
| 2868 | | | |
| 2869 | | | start = g_strdup(keys_list); |
| 2870 | | | tmp = start; |
| 2871 | | | ssl_debug_printf("ssl_init keys string:\n%s\n", start); |
| 2872 | | | do { |
| 2873 | | | int read_index, write_index; |
| 2874 | | | gchar* addr, *port, *protocol, *filename, *cert_passwd; |
| 2875 | | | |
| 2876 | | | addr = start; |
| 2877 | | | |
| 2878 | | | end = strpbrk(start, ";\n\r"); |
| 2879 | | | if (end) { |
| 2880 | | | *end = 0; |
| 2881 | | | start = end+1; |
| 2882 | | | } |
| 2883 | | | |
| 2884 | | | |
| 2885 | | | if (addr[0] == '#') continue; |
| 2886 | | | |
| 2887 | | | |
| 2888 | | | ssl_debug_printf("ssl_init found host entry %s\n", addr); |
| 2889 | | | port = strchr(addr, ','); |
| 2890 | | | if (!port) |
| 2891 | | | { |
| 2892 | | | ssl_debug_printf("ssl_init entry malformed can't find port in '%s'\n", addr); |
| 2893 | | | continue; |
| 2894 | | | } |
| 2895 | | | *port = 0; |
| 2896 | | | port++; |
| 2897 | | | |
| 2898 | | | protocol = strchr(port,','); |
| 2899 | | | if (!protocol) |
| 2900 | | | { |
| 2901 | | | ssl_debug_printf("ssl_init entry malformed can't find protocol in %s\n", port); |
| 2902 | | | continue; |
| 2903 | | | } |
| 2904 | | | *protocol=0; |
| 2905 | | | protocol++; |
| 2906 | | | |
| 2907 | | | filename = strchr(protocol,','); |
| 2908 | | | if (!filename) |
| 2909 | | | { |
| 2910 | | | ssl_debug_printf("ssl_init entry malformed can't find filename in %s\n", protocol); |
| 2911 | | | continue; |
| 2912 | | | } |
| 2913 | | | *filename=0; |
| 2914 | | | filename++; |
| 2915 | | | |
| 2916 | | | cert_passwd = strchr(filename,','); |
| 2917 | | | if (cert_passwd) |
| 2918 | | | { |
| 2919 | | | *cert_passwd=0; |
| 2920 | | | cert_passwd++; |
| 2921 | | | } |
| 2922 | | | |
| 2923 | | | |
| 2924 | | | service = g_malloc(sizeof(SslService) + 4); |
| 2925 | | | service->addr.type = AT_IPv4; |
| 2926 | | | service->addr.len = 4; |
| 2927 | | | service->addr.data = ip = ((guchar*)service) + sizeof(SslService); |
| 2928 | | | |
| 2929 | | | |
| 2930 | | | read_index = 0; |
| 2931 | | | write_index = 0; |
| 2932 | | | |
| 2933 | | | while(addr[read_index]) { |
| 2934 | | | if (addr[read_index] != ' ') { |
| 2935 | | | addr[write_index] = addr[read_index]; |
| 2936 | | | write_index++; |
| 2937 | | | } |
| 2938 | | | read_index++; |
| 2939 | | | } |
| 2940 | | | addr[write_index] = 0; |
| 2941 | | | |
| 2942 | | | if ( !strcmp("any", addr) || !strcmp("ANY", addr) ) { |
| 2943 | | | ip[0] = 0; |
| 2944 | | | ip[1] = 0; |
| 2945 | | | ip[2] = 0; |
| 2946 | | | ip[3] = 0; |
| 2947 | | | } else { |
| 2948 | | | sscanf(addr, "%hhu.%hhu.%hhu.%hhu", &ip[0], &ip[1], &ip[2], &ip[3]); |
Ignored Return Value
The return value of __isoc99_sscanf() is never checked in the highlighted execution scenario. - If the return value can indicate an error, the error will be ignored if the highlighted code executes.
- CodeSonar is configured to enforce Ignored Return Value checks for __isoc99_sscanf(). (To change the set of enforced Ignored Return Value checks, use configuration file parameters RETURN_CHECKER_CHECKED_FUNCS and RETURN_CHECKER_IGNORED_FUNCS).
Show: All events | Only primary events |
|
| 2949 | | | } |
| 2950 | | | |
| 2951 | | | if(!strcmp("start_tls", port)) { |
Event 2:
Taking false branch. strcmp("start_tls", port) evaluates to true.
hide
|
|
| 2952 | | | service->port = 0; |
| 2953 | | | } else { |
| 2954 | | | service->port = atoi(port); |
| 2955 | | | } |
| 2956 | | | ssl_debug_printf("ssl_init addr '%hhu.%hhu.%hhu.%hhu' port '%d' filename '%s' password(only for p12 file) '%s'\n", |
| 2957 | | | ip[0], ip[1], ip[2], ip[3], service->port, filename, cert_passwd); |
| 2958 | | | |
| 2959 | | | |
| 2960 | | | fp = ws_fopen(filename, "rb"); |
| 2961 | | | if (!fp) { |
Event 3:
Skipping " if". fp evaluates to true.
hide
|
|
| 2962 | | | fprintf(stderr, "can't open file %s \n",filename); |
| 2963 | | | continue; |
| 2964 | | | } |
| 2965 | | | |
| 2966 | | | if (!cert_passwd) { |
Event 4:
Taking false branch. cert_passwd evaluates to true.
hide
|
|
| 2967 | | | private_key = ssl_load_key(fp); |
| 2968 | | | } |
| 2969 | | | else |
| 2970 | | | { |
| 2971 | | | private_key = ssl_load_pkcs12(fp,cert_passwd); |
| 2972 | | | } |
| 2973 | | | |
| 2974 | | | if (!private_key) { |
Event 5:
Taking true branch. private_key evaluates to false.
hide
|
|
| 2975 | | | fprintf(stderr,"can't load private key from %s\n", |
| 2976 | | | filename); |
| 2977 | | | continue; |
| 2978 | | | } |
| 2979 | | | |
| 2980 | | | fclose(fp); |
| 2981 | | | |
| 2982 | | | ssl_debug_printf("ssl_init private key file %s successfully loaded\n",filename); |
| 2983 | | | |
| 2984 | | | |
| 2985 | | | tmp_private_key = g_hash_table_lookup(key_hash, service); |
| 2986 | | | if (tmp_private_key) { |
| 2987 | | | g_hash_table_remove(key_hash, service); |
| 2988 | | | ssl_free_key(tmp_private_key); |
| 2989 | | | } |
| 2990 | | | g_hash_table_insert(key_hash, service, private_key); |
| 2991 | | | |
| 2992 | | | ssl_association_add(associations, handle, service->port, protocol, tcp, TRUE); |
| 2993 | | | |
| 2994 | | | } while (end != NULL); |
Event 6:
Leaving loop. end != (void *)0 evaluates to false.
hide
|
|
| 2995 | | | g_free(tmp); |
| 2996 | | | } |
| |