(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/passdb-passwd-file.c) |
| |
| 63 | | | passwd_file_verify_plain(struct auth_request *request, const char *password, |
| 64 | | | verify_plain_callback_t *callback) |
| 65 | | | { |
| 66 | | | struct passdb_module *_module = request->passdb->passdb; |
| 67 | | | struct passwd_file_passdb_module *module = |
| 68 | | | (struct passwd_file_passdb_module *)_module; |
| 69 | | | struct passwd_user *pu; |
| 70 | | | const char *scheme, *crypted_pass; |
| 71 | | | int ret; |
| 72 | | | |
| 73 | [+] | | pu = db_passwd_file_lookup(module->pwf, request); |
 |
| 74 | | | if (pu == NULL) { |
Event 7:
Skipping " if". pu == (void *)0 evaluates to false.
hide
|
|
| 75 | | | callback(PASSDB_RESULT_USER_UNKNOWN, request); |
| 76 | | | return; |
| 77 | | | } |
| 78 | | | |
| 79 | [+] | | passwd_file_save_results(request, pu, &crypted_pass, &scheme); |
Event 8:
&crypted_pass is passed to passwd_file_save_results() as the third argument.
hide
|
|
 |
| 80 | | | |
| 81 | | | ret = auth_request_password_verify(request, password, crypted_pass, |
Event 30:
crypted_pass, which evaluates to NULL, is passed to auth_request_password_verify() as the third argument. See related event 28.
hide
|
|
| 82 | [+] | | scheme, "passwd-file"); |
 |
| |