(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-x11.c) |
| |
| 2430 | | | static void string16(tvbuff_t *tvb, int *offsetp, proto_tree *t, int hf, |
| 2431 | | | int hf_bytes, unsigned length, gboolean little_endian) |
| 2432 | | | { |
| 2433 | | | char *s = NULL; |
Event 1:
s is set to NULL. - Dereferenced later, causing the null pointer dereference.
hide
|
|
| 2434 | | | gint l = 0; |
| 2435 | | | |
| 2436 | | | length += length; |
| 2437 | | | string16_with_buffer_preallocated(tvb, t, hf, hf_bytes, *offsetp, length, |
| 2438 | [+] | | &s, &l, little_endian); |
Event 2:
&s is passed to string16_with_buffer_preallocated() as the seventh argument.
hide
|
|
 |
| |