(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib-storage/index/dbox/dbox-index.c) |
| |
| 90 | | | static int dbox_index_parse_maildir(struct dbox_index *index, const char *line, |
| 91 | | | struct dbox_index_record *rec) |
| 92 | | | { |
| 93 | | | char *p; |
| 94 | | | unsigned long uid; |
| 95 | | | |
| 96 | | | if (*line++ != ' ') |
| 97 | | | return -1; |
| 98 | | | |
| 99 | | | uid = strtoul(line, &p, 10); |
| 100 | | | if (*p++ != ' ' || *p == '\0' || uid == 0 || uid >= (uint32_t)-1) |
Redundant Condition
uid >= (uint32_t)-1 always evaluates to true. This may be because: - There is a constant assignment to one or more of the variables involved.
- An earlier conditional statement has already ensured that uid >= (uint32_t)-1 cannot be false.
- A crashing bug occurs on every path where uid >= (uint32_t)-1 could have evaluated to false. Look for a preceding Null Pointer Dereference or Division By Zero warning.
|
|
| 101 | | | return -1; |
| 102 | | | |
| 103 | | | if (*p == ':' || strstr(p, " :") != NULL) |
| 104 | | | rec->data = p_strdup(index->record_data_pool, line); |
| 105 | | | else { |
| 106 | | | |
| 107 | | | rec->data = p_strconcat(index->record_data_pool, |
| 108 | | | t_strdup_until(line, p), ":", p, NULL); |
| 109 | | | } |
| 110 | | | return 0; |
| 111 | | | } |
| |