(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/osi-utils.c) |
| |
| 149 | | | print_area_buf(const guint8 *ad, int length, gchar *buf, int buf_len) |
| 150 | | | { |
| 151 | | | gchar *cur; |
| 152 | | | int tmp = 0; |
| 153 | | | |
| 154 | | | |
| 155 | | | |
| 156 | | | |
| 157 | | | if (length <= 0 || length > MAX_AREA_LEN) { |
| 158 | | | g_snprintf(buf, buf_len, "<Invalid length of AREA>"); |
| 159 | | | return; |
| 160 | | | } |
| 161 | | | |
| 162 | | | cur = buf; |
| 163 | | | if ( ( ( NSAP_IDI_ISODCC == *ad ) |
| 164 | | | || ( NSAP_IDI_GOSIP2 == *ad ) |
| 165 | | | ) |
| 166 | | | && |
| 167 | | | ( ( RFC1237_FULLAREA_LEN == length ) |
| 168 | | | || ( RFC1237_FULLAREA_LEN + 1 == length ) |
| 169 | | | ) |
| 170 | | | ) { |
| 171 | | | |
| 172 | | | |
| 173 | | | |
| 174 | | | |
| 175 | | | |
| 176 | | | |
| 177 | | | |
| 178 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "[%02x|%02x:%02x][%02x|%02x:%02x:%02x|%02x:%02x]", |
| 179 | | | ad[0], ad[1], ad[2], ad[3], ad[4], |
| 180 | | | ad[5], ad[6], ad[7], ad[8] ); |
| 181 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "[%02x:%02x|%02x:%02x]", |
| 182 | | | ad[9], ad[10], ad[11], ad[12] ); |
| 183 | | | if ( RFC1237_FULLAREA_LEN + 1 == length ) |
| 184 | | | g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "-[%02x]", ad[20] ); |
| 185 | | | } |
| 186 | | | else { |
| 187 | | | if ( length == RFC1237_AREA_LEN ) { |
| 188 | | | g_snprintf(buf, buf_len, "%02x.%02x%02x", ad[0], ad[1], ad[2] ); |
| 189 | | | return; |
| 190 | | | } |
| 191 | | | if ( 4 < length ) { |
| 192 | | | while ( tmp < length / 4 ) { |
| 193 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "%02x", ad[tmp++] ); |
| 194 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "%02x", ad[tmp++] ); |
| 195 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "%02x", ad[tmp++] ); |
| 196 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "%02x.", ad[tmp++] ); |
| 197 | | | } |
| 198 | | | if ( 1 == tmp ) { |
Redundant Condition
1 == tmp always evaluates to false. This may be because: - There is a constant assignment to one or more of the variables involved.
- An earlier conditional statement has already ensured that 1 == tmp cannot be true.
- A crashing bug occurs on every path where 1 == tmp could have evaluated to true. Look for a preceding Null Pointer Dereference or Division By Zero warning.
|
|
| 199 | | | cur--; |
| 200 | | | g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "-%02x", ad[tmp] ); |
| 201 | | | } |
| 202 | | | else { |
| 203 | | | for ( ; tmp < length; ) { |
| 204 | | | cur += g_snprintf(cur, (gulong) (buf_len-(cur-buf)), "%02x", ad[tmp++] ); |
| 205 | | | } |
| 206 | | | } |
| 207 | | | } |
| 208 | | | } |
| 209 | | | } |
| |