(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/master/auth-process.c) |
| |
| 723 | | | static void auth_process_group_destroy(struct auth_process_group *group) |
| 724 | | | { |
| 725 | | | struct auth_process *next; |
| 726 | | | const char *path; |
| 727 | | | |
| 728 | | | while (group->processes != NULL) { |
Event 1:
Leaving loop. group->processes != (void *)0 evaluates to false.
hide
|
|
| 729 | | | next = group->processes->next; |
| 730 | | | auth_process_destroy(group->processes); |
| 731 | | | group->processes = next; |
| 732 | | | } |
| 733 | | | |
| 734 | | | path = t_strconcat(group->set->parent->defaults->login_dir, "/", |
Event 7:
path is set to t_strconcat(...), which evaluates to NULL. See related event 6.
hide
|
|
| 735 | [+] | | group->set->name, NULL); |
 |
| 736 | | | (void)unlink(path); |
Event 8:
path, which evaluates to NULL, is passed to unlink(). See related event 7.
hide
Null Pointer Dereference
The body of unlink() dereferences path, but it is NULL. The issue can occur if the highlighted code executes. See related event 8. Show: All events | Only primary events |
|
| |