(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-snmp.c) |
| |
| 2602 | | | dissect_snmp_pdu(tvbuff_t *tvb, int offset, packet_info *pinfo, |
| 2603 | | | proto_tree *tree, int proto, gint ett, gboolean is_tcp) |
| 2604 | | | { |
| 2605 | | | |
| 2606 | | | guint length_remaining; |
| 2607 | | | gint8 class; |
| 2608 | | | gboolean pc, ind = 0; |
| 2609 | | | gint32 tag; |
| 2610 | | | guint32 len; |
| 2611 | | | guint message_length; |
| 2612 | | | int start_offset = offset; |
| 2613 | | | guint32 version = 0; |
| 2614 | | | |
| 2615 | | | proto_tree *snmp_tree = NULL; |
| 2616 | | | proto_item *item = NULL; |
| 2617 | | | asn1_ctx_t asn1_ctx; |
| 2618 | | | asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); |
| 2619 | | | |
| 2620 | | | |
| 2621 | | | usm_p.msg_tvb = tvb; |
| 2622 | | | usm_p.start_offset = offset_from_real_beginning(tvb,0) ; |
| 2623 | | | usm_p.engine_tvb = NULL; |
| 2624 | | | usm_p.user_tvb = NULL; |
| 2625 | | | usm_p.auth_item = NULL; |
| 2626 | | | usm_p.auth_tvb = NULL; |
| 2627 | | | usm_p.auth_offset = 0; |
| 2628 | | | usm_p.priv_tvb = NULL; |
| 2629 | | | usm_p.user_assoc = NULL; |
| 2630 | | | usm_p.authenticated = FALSE; |
| 2631 | | | usm_p.encrypted = FALSE; |
| 2632 | | | usm_p.boots = 0; |
| 2633 | | | usm_p.time = 0; |
| 2634 | | | usm_p.authOK = FALSE; |
| 2635 | | | |
| 2636 | | | |
| 2637 | | | |
| 2638 | | | |
| 2639 | | | |
| 2640 | | | |
| 2641 | | | |
| 2642 | | | |
| 2643 | | | |
| 2644 | | | |
| 2645 | | | length_remaining = tvb_ensure_length_remaining(tvb, offset); |
| 2646 | | | |
| 2647 | | | |
| 2648 | | | |
| 2649 | | | |
| 2650 | | | |
| 2651 | | | |
| 2652 | | | |
| 2653 | | | |
| 2654 | | | |
| 2655 | | | |
| 2656 | | | if (is_tcp && snmp_desegment && pinfo->can_desegment) { |
| 2657 | | | |
| 2658 | | | |
| 2659 | | | |
| 2660 | | | |
| 2661 | | | |
| 2662 | | | |
| 2663 | | | |
| 2664 | | | |
| 2665 | | | if (length_remaining < 6) { |
| 2666 | | | pinfo->desegment_offset = offset; |
| 2667 | | | pinfo->desegment_len = 6 - length_remaining; |
| 2668 | | | |
| 2669 | | | |
| 2670 | | | |
| 2671 | | | |
| 2672 | | | |
| 2673 | | | |
| 2674 | | | return 0; |
| 2675 | | | } |
| 2676 | | | } |
| 2677 | | | |
| 2678 | | | |
| 2679 | | | |
| 2680 | | | |
| 2681 | | | |
| 2682 | | | |
| 2683 | | | offset = dissect_ber_identifier(pinfo, 0, tvb, offset, &class, &pc, &tag); |
| 2684 | | | offset = dissect_ber_length(pinfo, 0, tvb, offset, &len, &ind); |
| 2685 | | | |
| 2686 | | | message_length = len + 2; |
| 2687 | | | offset = dissect_ber_integer(FALSE, &asn1_ctx, 0, tvb, offset, -1, &version); |
Ignored Return Value
The return value of dissect_ber_integer() is never checked in the highlighted execution scenario. - If the return value can indicate an error, the error will be ignored if the highlighted code executes.
- The return value of dissect_ber_integer() is checked 100% of the time in this project. CodeSonar is configured to enforce Ignored Return Value checks for any function whose return value is checked at least 96% of the time, unless the function is used fewer than 20 times. (To modify these thresholds, use configuration file parameters RETURN_CHECKER_SAMPLE_SIZE and RETURN_CHECKER_RATIO. To exempt dissect_ber_integer() from the Ignored Return Value check, use configuration file parameter RETURN_CHECKER_IGNORED_FUNCS).
Show: All events | Only primary events |
|
| 2688 | | | |
| 2689 | | | |
| 2690 | | | |
| 2691 | | | |
| 2692 | | | |
| 2693 | | | |
| 2694 | | | if (is_tcp && snmp_desegment && pinfo->can_desegment) { |
| 2695 | | | |
| 2696 | | | |
| 2697 | | | |
| 2698 | | | if (length_remaining < message_length) { |
Event 3:
Skipping " if". length_remaining < message_length evaluates to false.
hide
|
|
| 2699 | | | |
| 2700 | | | |
| 2701 | | | |
| 2702 | | | |
| 2703 | | | |
| 2704 | | | |
| 2705 | | | pinfo->desegment_offset = start_offset; |
| 2706 | | | pinfo->desegment_len = |
| 2707 | | | message_length - length_remaining; |
| 2708 | | | |
| 2709 | | | |
| 2710 | | | |
| 2711 | | | |
| 2712 | | | |
| 2713 | | | |
| 2714 | | | return 0; |
| 2715 | | | } |
| 2716 | | | } |
| 2717 | | | |
| 2718 | | | next_tvb_init(&var_list); |
| 2719 | | | |
| 2720 | | | if (check_col(pinfo->cinfo, COL_PROTOCOL)) { |
Event 4:
Taking true branch. check_col(...) evaluates to true.
hide
|
|
| 2721 | | | col_set_str(pinfo->cinfo, COL_PROTOCOL, |
| 2722 | | | proto_get_protocol_short_name(find_protocol_by_id(proto))); |
| 2723 | | | } |
| 2724 | | | |
| 2725 | | | if (tree) { |
Event 5:
Skipping " if". tree evaluates to false.
hide
|
|
| 2726 | | | item = proto_tree_add_item(tree, proto, tvb, offset, |
| 2727 | | | message_length, FALSE); |
| 2728 | | | snmp_tree = proto_item_add_subtree(item, ett); |
| 2729 | | | } |
| 2730 | | | |
| 2731 | | | switch (version){ |
Event 6:
version evaluates to 0.
hide
|
|
| 2732 | | | case 0: |
| 2733 | | | case 1: |
| 2734 | | | offset = dissect_snmp_Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); |
| 2735 | | | break; |
| 2736 | | | case 2: |
| 2737 | | | offset = dissect_snmp_Messagev2u(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); |
| 2738 | | | break; |
| 2739 | | | |
| 2740 | | | case 3: |
| 2741 | | | offset = dissect_snmp_SNMPv3Message(FALSE , tvb, start_offset, &asn1_ctx, snmp_tree, -1); |
| 2742 | | | break; |
| 2743 | | | default: |
| 2744 | | | |
| 2745 | | | |
| 2746 | | | |
| 2747 | | | |
| 2748 | | | |
| 2749 | | | proto_tree_add_text(snmp_tree, tvb, offset, -1,"Unknown version"); |
| 2750 | | | return length_remaining; |
| 2751 | | | break; |
| 2752 | | | } |
| 2753 | | | |
| 2754 | | | next_tvb_call(&var_list, pinfo, tree, NULL, data_handle); |
| 2755 | | | |
| 2756 | | | return offset; |
| 2757 | | | } |
| |