(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.c) |
| |
| 1617 | | | dissect_per_choice(tvbuff_t *tvb, guint32 offset, asn1_ctx_t *actx, proto_tree *tree, int hf_index, gint ett_index, const per_choice_t *choice, gint *value) |
| 1618 | | | { |
| 1619 | | | gboolean extension_present, extension_flag; |
| 1620 | | | int extension_root_entries; |
| 1621 | | | int extension_addition_entries; |
| 1622 | | | guint32 choice_index; |
| 1623 | | | int i, index, cidx; |
| 1624 | | | guint32 ext_length; |
| 1625 | | | guint32 old_offset = offset; |
| 1626 | | | proto_item *choice_item = NULL; |
| 1627 | | | proto_tree *choice_tree = NULL; |
| 1628 | | | |
| 1629 | | | DEBUG_ENTRY("dissect_per_choice"); |
| 1630 | | | |
| 1631 | | | if (value) *value = -1; |
Event 1:
Taking true branch. value evaluates to true.
hide
|
|
| 1632 | | | |
| 1633 | | | |
| 1634 | | | if (choice[0].extension == ASN1_NO_EXTENSIONS){ |
Event 2:
Taking false branch. choice[0].extension == 0 evaluates to false.
hide
|
|
| 1635 | | | extension_present = FALSE; |
| 1636 | | | extension_flag = FALSE; |
| 1637 | | | } else { |
| 1638 | | | extension_present = TRUE; |
Event 3:
!0 evaluates to true.
hide
|
|
| 1639 | [+] | | offset = dissect_per_boolean(tvb, offset, actx, tree, hf_per_extension_bit, &extension_flag); |
 |
| 1640 | | | if (!display_internal_per_fields) PROTO_ITEM_SET_HIDDEN(actx->created_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
Event 7:
Taking true branch. display_internal_per_fields evaluates to false.
hide
Event 8:
actx->created_item evaluates to false.
hide
|
|
| 1641 | | | } |
| 1642 | | | |
| 1643 | | | |
| 1644 | | | extension_root_entries = 0; |
| 1645 | | | extension_addition_entries = 0; |
| 1646 | | | for (i=0; choice[i].p_id; i++) { |
| 1647 | | | switch(choice[i].extension){ |
| 1648 | | | case ASN1_NO_EXTENSIONS: |
| 1649 | | | case ASN1_EXTENSION_ROOT: |
| 1650 | | | extension_root_entries++; |
| 1651 | | | break; |
| 1652 | | | case ASN1_NOT_EXTENSION_ROOT: |
| 1653 | | | extension_addition_entries++; |
| 1654 | | | break; |
| 1655 | | | } |
| 1656 | | | } |
| 1657 | | | |
| 1658 | | | if (!extension_flag) { |
Event 10:
Taking false branch. extension_flag evaluates to true.
hide
|
|
| 1659 | | | if (extension_root_entries == 1) { |
| 1660 | | | choice_index = 0; |
| 1661 | | | } else { |
| 1662 | | | offset = dissect_per_constrained_integer(tvb, offset, actx, |
| 1663 | | | tree, hf_per_choice_index, 0, extension_root_entries - 1, |
| 1664 | | | &choice_index, FALSE); |
| 1665 | | | if (!display_internal_per_fields) PROTO_ITEM_SET_HIDDEN(actx->created_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 1666 | | | } |
| 1667 | | | |
| 1668 | | | index = -1; cidx = choice_index; |
| 1669 | | | for (i=0; choice[i].p_id; i++) { |
| 1670 | | | if(choice[i].extension != ASN1_NOT_EXTENSION_ROOT){ |
| 1671 | | | if (!cidx) { index = i; break; } |
| 1672 | | | cidx--; |
| 1673 | | | } |
| 1674 | | | } |
| 1675 | | | } else { |
| 1676 | | | offset = dissect_per_normally_small_nonnegative_whole_number(tvb, offset, actx, tree, hf_per_choice_extension_index, &choice_index); |
| 1677 | [+] | | offset = dissect_per_length_determinant(tvb, offset, actx, tree, hf_per_open_type_length, &ext_length); |
Event 11:
dissect_per_length_determinant() does not initialize ext_length. - This may be because of a failure case or other special case for dissect_per_length_determinant().
hide
|
|
 |
| 1678 | | | |
| 1679 | | | index = -1; cidx = choice_index; |
| 1680 | | | for (i=0; choice[i].p_id; i++) { |
| 1681 | | | if(choice[i].extension == ASN1_NOT_EXTENSION_ROOT){ |
| 1682 | | | if (!cidx) { index = i; break; } |
| 1683 | | | cidx--; |
| 1684 | | | } |
| 1685 | | | } |
| 1686 | | | } |
| 1687 | | | |
| 1688 | | | if (index != -1) { |
Event 19:
Taking false branch. index != -1 evaluates to false.
hide
|
|
| 1689 | | | choice_item = proto_tree_add_uint(tree, hf_index, tvb, old_offset>>3, 0, choice[index].value); |
| 1690 | | | choice_tree = proto_item_add_subtree(choice_item, ett_index); |
| 1691 | | | if (!extension_flag) { |
| 1692 | | | offset = choice[index].func(tvb, offset, actx, choice_tree, *choice[index].p_id); |
| 1693 | | | } else { |
| 1694 | | | choice[index].func(tvb, offset, actx, choice_tree, *choice[index].p_id); |
| 1695 | | | offset += ext_length * 8; |
| 1696 | | | } |
| 1697 | | | proto_item_set_len(choice_item, BLEN(old_offset, offset));
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.c |
| |
93 | #define BLEN(old_offset, offset) (((offset)>>3)!=((old_offset)>>3)?((offset)>>3)-((old_offset)>>3):1) |
| |
|
| 1698 | | | } else { |
| 1699 | | | if (!extension_flag) { |
Event 20:
Taking false branch. extension_flag evaluates to true.
hide
|
|
| 1700 | | | PER_NOT_DECODED_YET("unknown extension root index in choice");
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.h |
| |
30 | #define PER_NOT_DECODED_YET(x) \ |
31 | proto_tree_add_text(tree, tvb, 0, 0, "something unknown here [%s]",x); \ |
32 | if (check_col(actx->pinfo->cinfo, COL_INFO)){ \ |
33 | col_append_fstr(actx->pinfo->cinfo, COL_INFO, "[UNKNOWN PER: %s]", x); \ |
34 | } \ |
35 | tvb_get_guint8(tvb, 9999); |
| |
|
| 1701 | | | } else { |
| 1702 | | | offset += ext_length * 8; |
Uninitialized Variable
ext_length was not initialized. The issue can occur if the highlighted code executes. See related event 11. Show: All events | Only primary events |
|
| |