(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-vnc.c) |
| |
| 1639 | | | vnc_rre_encoding(tvbuff_t *tvb, packet_info *pinfo, gint *offset, |
| 1640 | | | proto_tree *tree, guint16 width _U_, guint16 height _U_) |
| 1641 | | | { |
| 1642 | [+] | | guint8 bytes_per_pixel = vnc_get_bytes_per_pixel(pinfo); |
 |
| 1643 | | | guint32 num_subrects, i; |
| 1644 | | | guint bytes_needed; |
| 1645 | | | proto_item *ti; |
| 1646 | | | proto_tree *subrect_tree; |
| 1647 | | | |
| 1648 | [+] | | VNC_BYTES_NEEDED(4);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-vnc.c |
| |
295 | #define VNC_BYTES_NEEDED(a) \ |
296 | if(a > (guint)tvb_length_remaining(tvb, *offset)) \ |
297 | return a; |
| |
|
 |
| 1649 | | | proto_tree_add_item(tree, hf_vnc_rre_num_subrects, tvb, *offset, |
| 1650 | | | 4, FALSE); |
| 1651 | [+] | | num_subrects = tvb_get_ntohl(tvb, *offset); |
 |
| 1652 | | | *offset += 4; |
| 1653 | | | |
| 1654 | [+] | | VNC_BYTES_NEEDED(bytes_per_pixel);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-vnc.c |
| |
295 | #define VNC_BYTES_NEEDED(a) \ |
296 | if(a > (guint)tvb_length_remaining(tvb, *offset)) \ |
297 | return a; |
| |
|
 |
| 1655 | | | proto_tree_add_item(tree, hf_vnc_rre_bg_pixel, tvb, *offset, |
| 1656 | | | bytes_per_pixel, FALSE); |
| 1657 | | | *offset += bytes_per_pixel; |
| 1658 | | | |
| 1659 | | | for(i = 1; i <= num_subrects; i++) { |
Event 27:
Entering loop body. i <= num_subrects evaluates to true.
hide
|
|
| 1660 | | | bytes_needed = bytes_per_pixel + 8; |
| 1661 | [+] | | VNC_BYTES_NEEDED(bytes_needed);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-vnc.c |
| |
295 | #define VNC_BYTES_NEEDED(a) \ |
296 | if(a > (guint)tvb_length_remaining(tvb, *offset)) \ |
297 | return a; |
| |
|
 |
| |