(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/userdb-checkpassword.c) |
| |
| 105 | | | checkpassword_lookup_child(struct auth_request *request, |
| 106 | | | struct checkpassword_userdb_module *module, |
| 107 | | | int fd_in, int fd_out) |
| 108 | | | { |
| 109 | | | const char *cmd, *const *args; |
| 110 | | | |
| 111 | | | if (dup2(fd_out, 3) < 0 || dup2(fd_in, 4) < 0) { |
Event 1:
Taking false branch. - dup2(fd_out, 3) < 0 evaluates to false.
- dup2(fd_in, 4) < 0 evaluates to false.
hide
|
|
| 112 | | | auth_request_log_error(request, "userdb-checkpassword", |
| 113 | | | "dup2() failed: %m"); |
| 114 | | | } else { |
| 115 | | | |
| 116 | | | |
| 117 | | | |
| 118 | | | |
| 119 | | | |
| 120 | | | |
| 121 | | | env_put("AUTHORIZED=1"); |
| 122 | | | checkpassword_setup_env(request); |
| 123 | | | |
| 124 | | | cmd = t_strconcat(module->checkpassword_path, " ", |
Event 7:
cmd is set to t_strconcat(...), which evaluates to NULL. See related event 6.
hide
|
|
| 125 | [+] | | module->checkpassword_reply_path, NULL); |
 |
| 126 | | | auth_request_log_debug(request, "userdb-checkpassword", |
| 127 | | | "execute: %s", cmd); |
| 128 | | | |
| 129 | [+] | | args = t_strsplit(cmd, " "); |
Event 8:
cmd, which evaluates to NULL, is passed to t_strsplit() as the first argument. See related event 7.
hide
|
|
 |
| |