(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/login-common/main.c) |
| |
| 114 | | | static void login_accept_ssl(void *context) |
| 115 | | | { |
| 116 | | | int listen_fd = POINTER_CAST_TO(context, int);
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/macros.h |
| |
49 | #define POINTER_CAST_TO(p, type) \ |
50 | ((type) ((const char *) (p) - (const char *) NULL)) |
| |
|
| 117 | | | struct ip_addr remote_ip, local_ip; |
| 118 | | | unsigned int remote_port, local_port; |
| 119 | | | struct client *client; |
| 120 | | | struct ssl_proxy *proxy; |
| 121 | | | int fd, fd_ssl; |
| 122 | | | |
| 123 | [+] | | fd = net_accept(listen_fd, &remote_ip, &remote_port); |
 |
| 124 | | | if (fd < 0) { |
Event 9:
Skipping " if". fd < 0 evaluates to false.
hide
|
|
| 125 | | | if (fd < -1) |
| 126 | | | i_error("accept() failed: %m"); |
| 127 | | | return; |
| 128 | | | } |
| 129 | | | i_set_failure_ip(&remote_ip); |
| 130 | | | |
| 131 | [+] | | if (net_getsockname(fd, &local_ip, &local_port) < 0) { |
 |
| 132 | | | memset(&local_ip, 0, sizeof(local_ip)); |
| 133 | | | local_port = 0; |
| 134 | | | } |
| 135 | | | |
| 136 | | | connection_queue_add(1); |
| 137 | | | |
| 138 | [+] | | fd_ssl = ssl_proxy_new(fd, &remote_ip, &proxy); |
 |
| 139 | | | if (fd_ssl == -1) |
Event 36:
Taking false branch. fd_ssl == -1 evaluates to false.
hide
|
|
| 140 | | | net_disconnect(fd); |
| 141 | | | else { |
| 142 | [+] | | client = client_create(fd_ssl, TRUE, &local_ip, &remote_ip); |
Event 37:
!0 evaluates to true.
hide
|
|
 |
| 143 | | | client->proxy = proxy; |
Null Pointer Dereference
client is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 46. Show: All events | Only primary events |
|
| |