(/home/sate/Testcases/c/cve/wireshark-1.2.0/gtk/drag_and_drop.c) |
| |
| 60 | | | static gchar * |
| 61 | | | dnd_uri2filename(gchar *cf_name) |
| 62 | | | { |
| 63 | | | gchar *src, *dest; |
| 64 | | | gint ret; |
| 65 | | | guint i; |
| 66 | | | gchar esc[3]; |
| 67 | | | |
| 68 | | | |
| 69 | | | |
| 70 | | | |
| 71 | | | #ifdef _WIN32 |
| 72 82 |  | | [ Lines 72 to 82 omitted. ] |
| 83 | | | cf_name += 8; |
| 84 | | | } |
| 85 | | | #else |
| 86 | | | |
| 87 | | | |
| 88 | | | |
| 89 | | | |
| 90 | | | |
| 91 | | | |
| 92 | | | |
| 93 | | | if (strncmp("file:", cf_name, 5) == 0) { |
Event 1:
Skipping " if". strncmp(...) == 0 evaluates to false.
hide
|
|
| 94 | | | |
| 95 | | | cf_name += 5; |
| 96 | | | |
| 97 | | | for(; cf_name[1] == '/'; ++cf_name); |
| 98 | | | } |
| 99 | | | #endif |
| 100 | | | |
| 101 | | | |
| 102 | | | |
| 103 | | | |
| 104 | | | |
| 105 | | | |
| 106 | | | |
| 107 | | | |
| 108 | | | |
| 109 | | | |
| 110 | | | |
| 111 | | | src = cf_name; |
| 112 | | | dest = cf_name; |
| 113 | | | while (*src) { |
Event 2:
Entering loop body. *src evaluates to true.
hide
|
|
| 114 | | | if (*src == '%') { |
Event 3:
Taking true branch. *src == 37 evaluates to true.
hide
|
|
| 115 | | | src++; |
| 116 | | | if (*src == '%') { |
Event 4:
Taking false branch. *src == 37 evaluates to false.
hide
|
|
| 117 | | | |
| 118 | | | *dest = *src; |
| 119 | | | src++; |
| 120 | | | dest++; |
| 121 | | | } else { |
| 122 | | | |
| 123 | | | esc[0] = src[0]; |
| 124 | | | esc[1] = src[1]; |
| 125 | | | esc[2] = '\0'; |
| 126 | | | ret = sscanf(esc, "%x", &i); |
| 127 | | | if (ret == 1) { |
Event 8:
Taking true branch. ret == 1 evaluates to true.
hide
|
|
| 128 | | | src+=2; |
| 129 | | | *dest = (gchar) i; |
Cast Alters Value
i is cast from unsigned int to char. - i could be 128 or higher.
- Values 128 or higher cannot be stored as char. Casting them to char can cause data loss or sign change.
The issue can occur if the highlighted code executes. See related event 7. Show: All events | Only primary events |
|
| |