(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-mgcp.c) |
| |
| 1868 | | | dissect_mgcp_connectionparams(proto_tree *parent_tree, tvbuff_t *tvb, gint offset, gint param_type_len, gint param_val_len) |
| 1869 | | | { |
| 1870 | | | proto_tree *tree = parent_tree; |
| 1871 | | | proto_item *item = NULL; |
| 1872 | | | |
| 1873 | | | gchar *tokenline = NULL; |
| 1874 | | | gchar **tokens = NULL; |
| 1875 | | | gchar **typval = NULL; |
| 1876 | | | guint i = 0; |
| 1877 | | | guint tokenlen = 0; |
| 1878 | | | int hf_uint = -1; |
| 1879 | | | int hf_string = -1; |
| 1880 | | | |
| 1881 | | | if (parent_tree) |
Event 1:
Skipping " if". parent_tree evaluates to false.
hide
|
|
| 1882 | | | { |
| 1883 | | | item = proto_tree_add_item(parent_tree, hf_mgcp_param_connectionparam, tvb, offset, param_type_len+param_val_len, FALSE); |
| 1884 | | | tree = proto_item_add_subtree(item, ett_mgcp_param_connectionparam); |
| 1885 | | | } |
| 1886 | | | |
| 1887 | | | |
| 1888 | | | offset += param_type_len; |
| 1889 | | | tokenline = tvb_get_ephemeral_string(tvb, offset, param_val_len); |
| 1890 | | | |
| 1891 | | | |
| 1892 | [+] | | tokens = ep_strsplit(tokenline, ",", -1); |
 |
| 1893 | | | |
| 1894 | | | for (i = 0; tokens[i] != NULL; i++) |
Null Pointer Dereference
tokens is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 4. Show: All events | Only primary events |
|
| |