(/home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.c) |
| |
| 1773 | | | dissect_per_sequence(tvbuff_t *tvb, guint32 offset, asn1_ctx_t *actx, proto_tree *parent_tree, int hf_index, gint ett_index, const per_sequence_t *sequence) |
| 1774 | | | { |
| 1775 | | | gboolean extension_present, extension_flag, optional_field_flag; |
| 1776 | | | proto_item *item; |
| 1777 | | | proto_tree *tree; |
| 1778 | | | guint32 old_offset=offset; |
| 1779 | | | guint32 i, num_opts; |
| 1780 | | | guint32 optional_mask; |
| 1781 | | | |
| 1782 | | | DEBUG_ENTRY("dissect_per_sequence"); |
| 1783 | | | |
| 1784 | | | item=proto_tree_add_item(parent_tree, hf_index, tvb, offset>>3, 0, FALSE); |
| 1785 | | | tree=proto_item_add_subtree(item, ett_index); |
| 1786 | | | |
| 1787 | | | |
| 1788 | | | |
| 1789 | | | |
| 1790 | | | |
| 1791 | | | |
| 1792 | | | extension_flag=0; |
| 1793 | | | if(sequence[0].extension==ASN1_NO_EXTENSIONS){ |
Event 1:
Taking false branch. sequence[0].extension == 0 evaluates to false.
hide
|
|
| 1794 | | | extension_present=0; |
| 1795 | | | } else { |
| 1796 | | | extension_present=1; |
| 1797 | [+] | | offset=dissect_per_boolean(tvb, offset, actx, tree, hf_per_extension_bit, &extension_flag); |
 |
| 1798 | | | if (!display_internal_per_fields) PROTO_ITEM_SET_HIDDEN(actx->created_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
Event 5:
Skipping " if". display_internal_per_fields evaluates to true.
hide
|
|
| 1799 | | | } |
| 1800 | | | |
| 1801 | | | num_opts=0; |
| 1802 | | | for(i=0;sequence[i].p_id;i++){ |
| 1803 | | | if((sequence[i].extension!=ASN1_NOT_EXTENSION_ROOT)&&(sequence[i].optional==ASN1_OPTIONAL)){ |
| 1804 | | | num_opts++; |
| 1805 | | | } |
| 1806 | | | } |
| 1807 | | | |
| 1808 | | | optional_mask=0; |
| 1809 | | | for(i=0;i<num_opts;i++){ |
Event 7:
Leaving loop. i < num_opts evaluates to false.
hide
|
|
| 1810 | | | offset=dissect_per_boolean(tvb, offset, actx, tree, hf_per_optional_field_bit, &optional_field_flag); |
| 1811 | | | if (tree) { |
| 1812 | | | proto_item_append_text(actx->created_item, " (%s %s present)", |
| 1813 | | | index_get_optional_name(sequence, i), optional_field_flag?"is":"is NOT"); |
| 1814 | | | } |
| 1815 | | | if (!display_internal_per_fields) PROTO_ITEM_SET_HIDDEN(actx->created_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 1816 | | | optional_mask<<=1; |
| 1817 | | | if(optional_field_flag){ |
| 1818 | | | optional_mask|=0x01; |
| 1819 | | | } |
| 1820 | | | } |
| 1821 | | | |
| 1822 | | | |
| 1823 | | | |
| 1824 | | | for(i=0;sequence[i].p_id;i++){ |
| 1825 | | | if( (sequence[i].extension==ASN1_NO_EXTENSIONS) |
| 1826 | | | || (sequence[i].extension==ASN1_EXTENSION_ROOT) ){ |
| 1827 | | | if(sequence[i].optional==ASN1_OPTIONAL){ |
| 1828 | | | gboolean is_present; |
| 1829 | | | is_present=(1<<(num_opts-1))&optional_mask; |
| 1830 | | | num_opts--; |
| 1831 | | | if(!is_present){ |
| 1832 | | | continue; |
| 1833 | | | } |
| 1834 | | | } |
| 1835 | | | if(sequence[i].func){ |
| 1836 | | | offset=sequence[i].func(tvb, offset, actx, tree, *sequence[i].p_id); |
| 1837 | | | } else { |
| 1838 | | | PER_NOT_DECODED_YET(index_get_field_name(sequence, i));
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.h |
| |
30 | #define PER_NOT_DECODED_YET(x) \ |
31 | proto_tree_add_text(tree, tvb, 0, 0, "something unknown here [%s]",x); \ |
32 | if (check_col(actx->pinfo->cinfo, COL_INFO)){ \ |
33 | col_append_fstr(actx->pinfo->cinfo, COL_INFO, "[UNKNOWN PER: %s]", x); \ |
34 | } \ |
35 | tvb_get_guint8(tvb, 9999); |
| |
|
| 1839 | | | } |
| 1840 | | | } |
| 1841 | | | } |
| 1842 | | | |
| 1843 | | | |
| 1844 | | | if(extension_flag){ |
Event 9:
Taking true branch. extension_flag evaluates to true.
hide
|
|
| 1845 | | | gboolean extension_bit; |
| 1846 | | | guint32 num_known_extensions; |
| 1847 | | | guint32 num_extensions; |
| 1848 | | | guint32 extension_mask; |
| 1849 | | | |
| 1850 | [+] | | offset=dissect_per_normally_small_nonnegative_whole_number(tvb, offset, actx, tree, hf_per_num_sequence_extensions, &num_extensions); |
 |
| 1851 | | | |
| 1852 | | | |
| 1853 | | | |
| 1854 | | | |
| 1855 | | | |
| 1856 | | | |
| 1857 | | | |
| 1858 | | | |
| 1859 | | | |
| 1860 | | | |
| 1861 | | | |
| 1862 | | | |
| 1863 | | | |
| 1864 | | | |
| 1865 | | | |
| 1866 | | | |
| 1867 | | | num_extensions+=1; |
| 1868 | | | |
| 1869 | | | extension_mask=0; |
| 1870 | | | for(i=0;i<num_extensions;i++){ |
| 1871 | | | offset=dissect_per_boolean(tvb, offset, actx, tree, hf_per_extension_present_bit, &extension_bit); |
| 1872 | | | if (tree) { |
| 1873 | | | proto_item_append_text(actx->created_item, " (%s %s present)", |
| 1874 | | | index_get_extension_name(sequence, i), extension_bit?"is":"is NOT"); |
| 1875 | | | } |
| 1876 | | | if (!display_internal_per_fields) PROTO_ITEM_SET_HIDDEN(actx->created_item);
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
319 | #define PROTO_ITEM_SET_HIDDEN(proto_item) \ |
320 | ((proto_item) ? FI_SET_FLAG((proto_item)->finfo, FI_HIDDEN) : 0) |
| |
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/proto.h |
| |
246 | #define FI_SET_FLAG(fi, flag) (fi->flags = fi->flags | flag) |
| |
|
| 1877 | | | |
| 1878 | | | extension_mask=(extension_mask<<1)|extension_bit; |
| 1879 | | | } |
| 1880 | | | |
| 1881 | | | |
| 1882 | | | num_known_extensions=0; |
| 1883 | | | for(i=0;sequence[i].p_id;i++){ |
| 1884 | | | if(sequence[i].extension==ASN1_NOT_EXTENSION_ROOT){ |
| 1885 | | | num_known_extensions++; |
| 1886 | | | } |
| 1887 | | | } |
| 1888 | | | |
| 1889 | | | |
| 1890 | | | for(i=0;i<num_extensions;i++){ |
Event 24:
Entering loop body. i < num_extensions evaluates to true.
hide
|
|
| 1891 | | | proto_item *cause; |
| 1892 | | | guint32 length; |
| 1893 | | | guint32 new_offset; |
| 1894 | | | guint32 difference; |
| 1895 | | | guint32 extension_index; |
| 1896 | | | guint32 j,k; |
| 1897 | | | |
| 1898 | | | if(!((1L<<(num_extensions-1-i))&extension_mask)){ |
Event 25:
Skipping " if". 1 << num_extensions - 1 - i & extension_mask evaluates to true.
hide
|
|
| 1899 | | | |
| 1900 | | | continue; |
| 1901 | | | } |
| 1902 | | | |
| 1903 | [+] | | offset=dissect_per_length_determinant(tvb, offset, actx, tree, hf_per_open_type_length, &length); |
Event 26:
dissect_per_length_determinant() does not initialize length. - This may be because of a failure case or other special case for dissect_per_length_determinant().
hide
|
|
 |
| 1904 | | | |
| 1905 | | | if(i>=num_known_extensions){ |
Event 33:
Skipping " if". i >= num_known_extensions evaluates to false.
hide
|
|
| 1906 | | | |
| 1907 | | | offset+=length*8; |
| 1908 | | | PER_NOT_DECODED_YET("unknown sequence extension");
x /home/sate/Testcases/c/cve/wireshark-1.2.0/epan/dissectors/packet-per.h |
| |
30 | #define PER_NOT_DECODED_YET(x) \ |
31 | proto_tree_add_text(tree, tvb, 0, 0, "something unknown here [%s]",x); \ |
32 | if (check_col(actx->pinfo->cinfo, COL_INFO)){ \ |
33 | col_append_fstr(actx->pinfo->cinfo, COL_INFO, "[UNKNOWN PER: %s]", x); \ |
34 | } \ |
35 | tvb_get_guint8(tvb, 9999); |
| |
|
| 1909 | | | continue; |
| 1910 | | | } |
| 1911 | | | |
| 1912 | | | extension_index=0; |
| 1913 | | | for(j=0,k=0;sequence[j].p_id;j++){ |
Event 34:
Entering loop body. sequence[j].p_id evaluates to true.
hide
|
|
| 1914 | | | if(sequence[j].extension==ASN1_NOT_EXTENSION_ROOT){ |
Event 35:
Taking true branch. sequence[j].extension == 2 evaluates to true.
hide
|
|
| 1915 | | | if(k==i){ |
Event 36:
Taking true branch. k == i evaluates to true.
hide
|
|
| 1916 | | | extension_index=j; |
| 1917 | | | break; |
| 1918 | | | } |
| 1919 | | | k++; |
| 1920 | | | } |
| 1921 | | | } |
| 1922 | | | |
| 1923 | | | if(sequence[extension_index].func){ |
Event 37:
Taking true branch. sequence[extension_index].func evaluates to true.
hide
|
|
| 1924 | | | new_offset=sequence[extension_index].func(tvb, offset, actx, tree, *sequence[extension_index].p_id); |
| 1925 | | | if (new_offset == offset) new_offset += 8; |
Event 38:
Skipping " if". new_offset == offset evaluates to false.
hide
|
|
| 1926 | | | offset+=length*8; |
Uninitialized Variable
length was not initialized. The issue can occur if the highlighted code executes. See related event 26. Show: All events | Only primary events |
|
| |