(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-ipsec.c) |
| |
| 883 | | | esp_sa_parse_filter(const gchar *sa_src, gint *pt_protocol_typ, gchar **pt_src, gint *pt_src_len, gchar **pt_dst, gint *pt_dst_len, gchar **pt_spi) |
| 884 | | | { |
| 885 | | | gchar *src_string; |
| 886 | | | gchar *dst_string; |
| 887 | | | gchar *spi_string; |
| 888 | | | gint src_len = 0; |
| 889 | | | gint dst_len = 0; |
| 890 | | | gchar *src; |
| 891 | | | gchar *dst; |
| 892 | | | gchar *sa; |
| 893 | | | |
| 894 | | | guint index_end1 = 0; |
| 895 | | | guint index_end2 = 0; |
| 896 | | | |
| 897 | | | esp_sa_remove_white(sa_src,&sa); |
| 898 | | | if(!esp_sa_parse_protocol_typ(sa, 0, pt_protocol_typ, &index_end1)) return FALSE; |
| 899 | | | |
| 900 | | | switch(*pt_protocol_typ) |
Redundant Condition
In switch(*pt_protocol_typ), the default case will never be executed. This may be because: - There is a constant assignment to one or more of the variables involved.
- An earlier conditional statement has already ensured that this case cannot occur.
- A crashing bug occurs on every path where this case would have been executed. Look for a preceding Null Pointer Dereference or Division By Zero warning.
|
|
| 901 | | | { |
| 902 | | | |
| 903 | | | case IPSEC_SA_IPV4 : |
| 904 | | | { |
| 905 | | | if(esp_sa_parse_ipv4addr(sa, index_end1, &src_string, &index_end2)) |
| 906 | | | { |
| 907 | | | if(esp_sa_parse_addr_len(sa, index_end2, pt_src_len, &index_end1)) |
| 908 | | | { |
| 909 | | | if(esp_sa_parse_ipv4addr(sa, index_end1, &dst_string, &index_end2)) |
| 910 | | | { |
| 911 | | | if(esp_sa_parse_addr_len(sa, index_end2, pt_dst_len, &index_end1)) |
| 912 | | | { |
| 913 | | | if(!esp_sa_parse_spi(sa, index_end1, &spi_string, &index_end2)) |
| 914 | | | { |
| 915 | | | g_free(src_string); |
| 916 | | | g_free(dst_string); |
| 917 | | | g_free(spi_string); |
| 918 | | | g_free(sa); |
| 919 | | | return FALSE; |
| 920 | | | } |
| 921 | | | } |
| 922 | | | else |
| 923 | | | { |
| 924 | | | g_free(src_string); |
| 925 | | | g_free(dst_string); |
| 926 | | | g_free(sa); |
| 927 | | | return FALSE; |
| 928 | | | } |
| 929 | | | } |
| 930 | | | else |
| 931 | | | { |
| 932 | | | g_free(src_string); |
| 933 | | | g_free(sa); |
| 934 | | | return FALSE; |
| 935 | | | } |
| 936 | | | } |
| 937 | | | else |
| 938 | | | { |
| 939 | | | g_free(src_string); |
| 940 | | | g_free(sa); |
| 941 | | | return FALSE; |
| 942 | | | } |
| 943 | | | } |
| 944 | | | else |
| 945 | | | { |
| 946 | | | g_free(sa); |
| 947 | | | return FALSE; |
| 948 | | | } |
| 949 | | | |
| 950 | | | |
| 951 | | | |
| 952 | | | src = (gchar *)g_malloc((IPSEC_STRLEN_IPV4 + 1) * sizeof(gchar)); |
| 953 | | | get_full_ipv4_addr(src, src_string); |
| 954 | | | g_free(src_string); |
| 955 | | | |
| 956 | | | |
| 957 | | | dst = (gchar *)g_malloc((IPSEC_STRLEN_IPV4 + 1) * sizeof(gchar)); |
| 958 | | | get_full_ipv4_addr(dst, dst_string); |
| 959 | | | g_free(dst_string); |
| 960 | | | |
| 961 | | | g_free(sa); |
| 962 | | | break; |
| 963 | | | } |
| 964 | | | |
| 965 | | | case IPSEC_SA_IPV6 : |
| 966 | | | { |
| 967 | | | if(esp_sa_parse_ipv6addr(sa, index_end1, &src_string, &index_end2)) |
| 968 | | | { |
| 969 | | | if(esp_sa_parse_addr_len(sa, index_end2, &src_len, &index_end1)) |
| 970 | | | { |
| 971 | | | if(esp_sa_parse_ipv6addr(sa, index_end1, &dst_string, &index_end2)) |
| 972 | | | { |
| 973 | | | if(esp_sa_parse_addr_len(sa, index_end2, &dst_len, &index_end1)) |
| 974 | | | { |
| 975 | | | if(!esp_sa_parse_spi(sa, index_end1, &spi_string, &index_end2)) |
| 976 | | | { |
| 977 | | | g_free(src_string); |
| 978 | | | g_free(dst_string); |
| 979 | | | g_free(spi_string); |
| 980 | | | g_free(sa); |
| 981 | | | return FALSE; |
| 982 | | | } |
| 983 | | | } |
| 984 | | | else |
| 985 | | | { |
| 986 | | | g_free(src_string); |
| 987 | | | g_free(dst_string); |
| 988 | | | g_free(sa); |
| 989 | | | return FALSE; |
| 990 | | | } |
| 991 | | | } |
| 992 | | | else |
| 993 | | | { |
| 994 | | | g_free(src_string); |
| 995 | | | g_free(sa); |
| 996 | | | return FALSE; |
| 997 | | | } |
| 998 | | | } |
| 999 | | | else |
| 1000 | | | { |
| 1001 | | | g_free(src_string); |
| 1002 | | | g_free(sa); |
| 1003 | | | return FALSE; |
| 1004 | | | } |
| 1005 | | | } |
| 1006 | | | else |
| 1007 | | | { |
| 1008 | | | g_free(sa); |
| 1009 | | | return FALSE; |
| 1010 | | | } |
| 1011 | | | |
| 1012 | | | |
| 1013 | | | src = (gchar *)g_malloc((IPSEC_STRLEN_IPV6 + 1) * sizeof(gchar)); |
| 1014 | | | get_full_ipv6_addr(src, src_string); |
| 1015 | | | g_free(src_string); |
| 1016 | | | |
| 1017 | | | |
| 1018 | | | dst = (gchar *)g_malloc((IPSEC_STRLEN_IPV6 + 1) * sizeof(gchar)); |
| 1019 | | | get_full_ipv6_addr(dst, dst_string); |
| 1020 | | | g_free(dst_string); |
| 1021 | | | |
| 1022 | | | g_free(sa); |
| 1023 | | | break; |
| 1024 | | | } |
| 1025 | | | |
| 1026 | | | default: |
| 1027 | | | { |
| 1028 | | | g_free(sa); |
| 1029 | | | return FALSE; |
| 1030 | | | } |
| 1031 | | | } |
| 1032 | | | |
| 1033 | | | *pt_spi = spi_string; |
| 1034 | | | *pt_src = src; |
| 1035 | | | *pt_dst = dst; |
| 1036 | | | |
| 1037 | | | return TRUE; |
| 1038 | | | } |
| |