(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/login-common/ssl-proxy-openssl.c) |
| |
| 890 | | | void ssl_proxy_init(void) |
| 891 | | | { |
| 892 | | | static char dovecot[] = "dovecot"; |
| 893 | | | const char *certfile, *keyfile; |
| 894 | | | unsigned char buf; |
| 895 | | | |
| 896 | | | memset(&ssl_params, 0, sizeof(ssl_params)); |
| 897 | | | |
| 898 | | | certfile = getenv("SSL_CERT_FILE"); |
| 899 | | | keyfile = getenv("SSL_KEY_FILE"); |
Ignored Return Value
The return value of getenv() is never checked in the highlighted execution scenario. - If the return value can indicate an error, the error will be ignored if the highlighted code executes.
- The return value of getenv() is checked 99% of the time in this project. CodeSonar is configured to enforce Ignored Return Value checks for any function whose return value is checked at least 96% of the time, unless the function is used fewer than 20 times. (To modify these thresholds, use configuration file parameters RETURN_CHECKER_SAMPLE_SIZE and RETURN_CHECKER_RATIO. To exempt getenv() from the Ignored Return Value check, use configuration file parameter RETURN_CHECKER_IGNORED_FUNCS).
Show: All events | Only primary events |
|
| 900 | | | ssl_params.fname = getenv("SSL_PARAM_FILE"); |
| 901 | | | |
| 902 | | | if (certfile == NULL || keyfile == NULL || ssl_params.fname == NULL) { |
Event 2:
Taking true branch. certfile == (void *)0 evaluates to true.
hide
|
|
| 903 | | | |
| 904 | | | return; |
| 905 | | | } |
| 906 | | | |
| 907 | | | SSL_library_init(); |
| 908 | | | SSL_load_error_strings(); |
| 909 | | | |
| 910 | | | extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL); |
| 911 | | | ssl_proxy_init_server(certfile, keyfile); |
| 912 | | | ssl_proxy_init_client(); |
| 913 | | | |
| 914 | | | |
| 915 | | | |
| 916 | | | |
| 917 | | | |
| 918 | | | (void)RAND_bytes(&buf, 1); |
| 919 | | | |
| 920 | | | ssl_proxy_count = 0; |
| 921 | | | ssl_proxies = NULL; |
| 922 | | | ssl_initialized = TRUE; |
| 923 | | | } |
| |