(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-mail/message-header-decode.c) |
| |
| 12 | | | (const unsigned char *data, size_t size, |
| 13 | | | buffer_t *decodebuf, unsigned int *charsetlen_r) |
| 14 | | | { |
| 15 | | | #define QCOUNT 3 |
| 16 | | | unsigned int num = 0; |
| 17 | | | size_t i, start_pos[QCOUNT]; |
| 18 | | | |
| 19 | | | |
| 20 | | | for (i = 0; i < size; i++) { |
Event 1:
Leaving loop. i < size evaluates to false.
hide
|
|
| 21 | | | if (data[i] == '?') { |
| 22 | | | start_pos[num++] = i; |
| 23 | | | if (num == QCOUNT) |
| 24 | | | break; |
| 25 | | | } |
| 26 | | | } |
| 27 | | | if (i == size || data[i+1] != '=') { |
Event 2:
Skipping " if". - i == size evaluates to false.
- data[i + 1] != 61 evaluates to false.
hide
|
|
| 28 | | | |
| 29 | | | return 0; |
| 30 | | | } |
| 31 | | | |
| 32 | | | buffer_append(decodebuf, data, start_pos[0]); |
Uninitialized Variable
start_pos was not initialized. The issue can occur if the highlighted code executes. Show: All events | Only primary events |
|
| |