(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/password-scheme.c) |
| |
| 255 | | | crypt_verify(const char *plaintext, const char *user ATTR_UNUSED, |
| 256 | | | const unsigned char *raw_password, size_t size) |
| 257 | | | { |
| 258 | | | const char *password, *crypted; |
| 259 | | | |
| 260 | | | if (size == 0) { |
Event 1:
Skipping " if". size == 0 evaluates to false.
hide
|
|
| 261 | | | |
| 262 | | | return FALSE; |
| 263 | | | } |
| 264 | | | |
| 265 | [+] | | password = t_strndup(raw_password, size); |
 |
| 266 | [+] | | crypted = mycrypt(plaintext, password); |
Event 11:
password, which evaluates to NULL, is passed to mycrypt() as the second argument. See related event 10.
hide
|
|
 |
| |