(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-ipmi-se.c) |
| |
| 1092 | | | ssi_10_3(proto_tree *tree, tvbuff_t *tvb, const struct sensor_info *si _U_, |
| 1093 | | | guint32 b, guint32 offs, guint32 d) |
| 1094 | | | { |
| 1095 | | | proto_item *ti; |
| 1096 | | | proto_tree *s_tree; |
| 1097 | | | const value_string *off_vals; |
| 1098 | | | |
| 1099 | | | if (b == 0x3 && offs == 0x01) { |
Event 1:
Taking true branch. - b == 3 evaluates to true.
- offs == 1 evaluates to true.
hide
|
|
| 1100 | | | if (!ssi_10_saveptr) { |
Event 2:
Skipping " if". ssi_10_saveptr evaluates to true.
hide
|
|
| 1101 | | | return FALSE; |
| 1102 | | | } |
| 1103 | | | off_vals = ssi_10_saveptr->offsets ? ssi_10_saveptr->offsets : et_empty; |
Event 3:
ssi_10_saveptr->offsets evaluates to false.
hide
Event 4:
off_vals is set to ssi_10_saveptr->offsets ? ssi_10_saveptr->offsets : et_empty, which evaluates to et_empty. - This points to the buffer that will be overrun later.
hide
|
|
| 1104 | | | ti = proto_tree_add_text(tree, tvb, 0, 1, "Logging details/Offset"); |
| 1105 | | | s_tree = proto_item_add_subtree(ti, ett_ipmi_se_evt_evd_byte3); |
| 1106 | | | proto_tree_add_text(tree, tvb, 0, 1, "%sLogging disable for all events of given type: %s", |
| 1107 | | | ipmi_dcd8(d, 0x20), (d & 0x20) ? "True" : "False"); |
Event 5:
d & 32 evaluates to true.
hide
|
|
| 1108 | | | proto_tree_add_text(tree, tvb, 0, 1, "%s%s event", |
| 1109 | | | ipmi_dcd8(d, 0x10), (d & 0x10) ? "Deassertion" : "Assertion"); |
Event 6:
d & 16 evaluates to false.
hide
|
|
| 1110 | | | d &= 0x0f; |
| 1111 | | | proto_tree_add_text(tree, tvb, 0, 1, "%sEvent Offset: %s (0x%02x)", |
| 1112 | [+] | | ipmi_dcd8(d, 0x0f), val_to_str(d, off_vals, "Unknown"), d); |
Event 7:
off_vals, which evaluates to et_empty, is passed to val_to_str() as the second argument. See related event 4.
hide
|
|
 |
| |