(/home/sate/Testcases/c/cve/dovecot-1.2.0/src/auth/auth-request.c) |
| |
| 1275 | | | int auth_request_password_verify(struct auth_request *request, |
| 1276 | | | const char *plain_password, |
| 1277 | | | const char *crypted_password, |
| 1278 | | | const char *scheme, const char *subsystem) |
| 1279 | | | { |
| 1280 | | | const unsigned char *raw_password; |
| 1281 | | | size_t raw_password_size; |
| 1282 | | | int ret; |
| 1283 | | | |
| 1284 | | | if (request->skip_password_check) { |
Event 1:
Skipping " if". request->skip_password_check evaluates to false.
hide
|
|
| 1285 | | | |
| 1286 | | | i_assert(request->master_user != NULL);
x /home/sate/Testcases/c/cve/dovecot-1.2.0/src/lib/macros.h |
| |
189 | #define i_assert(expr) STMT_START{ \ |
190 | if (unlikely(!(expr))) \ |
191 | i_panic("file %s: line %d (%s): assertion failed: (%s)", \ |
192 | __FILE__, \ |
193 | __LINE__, \ |
194 | __PRETTY_FUNCTION__, \ |
195 | #expr); }STMT_END |
| |
|
| 1287 | | | return 1; |
| 1288 | | | } |
| 1289 | | | |
| 1290 | | | if (request->passdb->deny) { |
Event 2:
Skipping " if". request->passdb->deny evaluates to false.
hide
|
|
| 1291 | | | |
| 1292 | | | return 0; |
| 1293 | | | } |
| 1294 | | | |
| 1295 | | | if (request->no_password) { |
Event 3:
Skipping " if". request->no_password evaluates to false.
hide
|
|
| 1296 | | | auth_request_log_info(request, subsystem, "No password"); |
| 1297 | | | return 1; |
| 1298 | | | } |
| 1299 | | | |
| 1300 | | | ret = password_decode(crypted_password, scheme, |
| 1301 | [+] | | &raw_password, &raw_password_size); |
Event 4:
&raw_password_size is passed to password_decode() as the fourth argument.
hide
Event 5:
password_decode() does not initialize raw_password_size. - This may be because of a failure case or other special case for password_decode().
hide
|
|
 |
| |