(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/index/maildir/maildir-save.c) |
| |
| 435 | | | static int maildir_save_finish_real(struct mail_save_context *_ctx) |
| 436 | | | { |
| 437 | | | struct maildir_save_context *ctx = (struct maildir_save_context *)_ctx; |
| 438 | | | struct mail_storage *storage = &ctx->mbox->storage->storage; |
| 439 | | | struct utimbuf buf; |
| 440 | | | struct stat st; |
| 441 | | | const char *path; |
| 442 | | | int output_errno; |
| 443 | | | |
| 444 | | | ctx->finished = TRUE; |
Event 1:
!0 evaluates to true.
hide
|
|
| 445 | | | if (ctx->failed && ctx->fd == -1) { |
Event 2:
Skipping " if". - ctx->failed evaluates to true.
- ctx->fd == -1 evaluates to false.
hide
|
|
| 446 | | | |
| 447 | | | return -1; |
| 448 | | | } |
| 449 | | | |
| 450 | [+] | | path = t_strconcat(ctx->tmpdir, "/", ctx->file_last->basename, NULL); |
 |
| 451 | [+] | | if (o_stream_flush(_ctx->output) < 0) { |
 |
| 452 | | | if (!mail_storage_set_error_from_errno(storage)) { |
| 453 | | | mail_storage_set_critical(storage, |
| 454 | | | "o_stream_flush(%s) failed: %m", path); |
| 455 | | | } |
| 456 | | | ctx->failed = TRUE; |
| 457 | | | } |
| 458 | | | |
| 459 | | | if (ctx->ctx.received_date != (time_t)-1) { |
Event 17:
Taking true branch. ctx->ctx.received_date != (time_t)-1 evaluates to true.
hide
|
|
| 460 | | | |
| 461 | | | buf.actime = ioloop_time; |
| 462 | | | buf.modtime = ctx->ctx.received_date; |
| 463 | | | |
| 464 | | | if (utime(path, &buf) < 0) { |
Event 18:
path, which evaluates to NULL, is passed to utime() as the first argument. See related event 8.
hide
Null Pointer Dereference
The body of utime() dereferences path, but it is NULL. The issue can occur if the highlighted code executes. See related event 18. Show: All events | Only primary events |
|
| |