(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-mgcp.c) |
| |
| 1980 | | | dissect_mgcp_localconnectionoptions(proto_tree *parent_tree, tvbuff_t *tvb, gint offset, gint param_type_len, gint param_val_len) |
| 1981 | | | { |
| 1982 | | | proto_tree *tree = parent_tree; |
| 1983 | | | proto_item *item = NULL; |
| 1984 | | | |
| 1985 | | | gchar *tokenline = NULL; |
| 1986 | | | gchar **tokens = NULL; |
| 1987 | | | gchar **typval = NULL; |
| 1988 | | | guint i = 0; |
| 1989 | | | guint tokenlen = 0; |
| 1990 | | | int hf_uint = -1; |
| 1991 | | | int hf_string = -1; |
| 1992 | | | |
| 1993 | | | if (parent_tree) |
Event 1:
Skipping " if". parent_tree evaluates to false.
hide
|
|
| 1994 | | | { |
| 1995 | | | item = proto_tree_add_item(parent_tree, hf_mgcp_param_localconnoptions, tvb, offset, param_type_len+param_val_len, FALSE); |
| 1996 | | | tree = proto_item_add_subtree(item, ett_mgcp_param_localconnectionoptions); |
| 1997 | | | } |
| 1998 | | | |
| 1999 | | | |
| 2000 | | | offset += param_type_len; |
| 2001 | | | tokenline = tvb_get_ephemeral_string(tvb, offset, param_val_len); |
| 2002 | | | |
| 2003 | | | |
| 2004 | [+] | | tokens = ep_strsplit(tokenline, ",", -1); |
 |
| 2005 | | | for (i = 0; tokens[i] != NULL; i++) |
Null Pointer Dereference
tokens is dereferenced here, but it is NULL. The issue can occur if the highlighted code executes. See related event 4. Show: All events | Only primary events |
|
| |