(/home/sate/Testcases/c/cve/wireshark-1.2.0/editcap.c) |
| |
| 295 | | | set_time_adjustment(char *optarg) |
| 296 | | | { |
| 297 | | | char *frac, *end; |
| 298 | | | long val; |
| 299 | | | size_t frac_digits; |
| 300 | | | |
| 301 | | | if (!optarg) |
Event 1:
Skipping " if". optarg evaluates to true.
hide
|
|
| 302 | | | return; |
| 303 | | | |
| 304 | | | |
| 305 | | | while (*optarg == ' ' || *optarg == '\t') { |
Event 2:
Entering loop body. *optarg == 32 evaluates to true.
hide
|
|
| 306 | | | optarg++; |
| 307 | | | } |
| 308 | | | |
| 309 | | | |
| 310 | | | if (*optarg == '-') { |
Event 4:
Skipping " if". *optarg == 45 evaluates to false.
hide
|
|
| 311 | | | time_adj.is_negative = 1; |
| 312 | | | optarg++; |
| 313 | | | } |
| 314 | | | |
| 315 | | | |
| 316 | | | if (*optarg == '.') { |
Event 5:
Taking true branch. *optarg == 46 evaluates to true.
hide
|
|
| 317 | | | val = 0; |
| 318 | | | frac = optarg; |
| 319 | | | } else { |
| 320 | | | val = strtol(optarg, &frac, 10); |
| 321 | | | if (frac == NULL || frac == optarg || val == LONG_MIN || val == LONG_MAX) { |
| 322 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n", |
| 323 | | | optarg); |
| 324 | | | exit(1); |
| 325 | | | } |
| 326 | | | if (val < 0) { |
| 327 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n", |
| 328 | | | optarg); |
| 329 | | | exit(1); |
| 330 | | | } |
| 331 | | | } |
| 332 | | | time_adj.tv.tv_sec = val; |
| 333 | | | |
| 334 | | | |
| 335 | | | if (*frac != '\0') { |
Event 6:
Taking true branch. *frac != 0 evaluates to true.
hide
|
|
| 336 | | | val = strtol(&(frac[1]), &end, 10); |
| 337 | | | if (*frac != '.' || end == NULL || end == frac |
Event 7:
Skipping " if". - *frac != 46 evaluates to false.
- end == (void *)0 evaluates to false.
- end == frac evaluates to false.
- val < 0 evaluates to false.
- val > 1000000 evaluates to false.
- val == -2147483647 - 1 evaluates to false.
- val == 2147483647 evaluates to false.
hide
|
|
| 338 | | | || val < 0 || val > ONE_MILLION || val == LONG_MIN || val == LONG_MAX) { |
| 339 | | | fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n", |
| 340 | | | optarg); |
| 341 | | | exit(1); |
| 342 | | | } |
| 343 | | | } |
| 344 | | | else { |
| 345 | | | return; |
| 346 | | | } |
| 347 | | | |
| 348 | | | |
| 349 | | | |
| 350 | | | if (frac && end) { |
Null Test After Dereference
This code tests the nullness of frac, which has already been dereferenced. - If frac were null, there would have been a prior null pointer dereference at editcap.c:337, and potentially at other locations as well.
- Either this test is redundant, or the earlier dereference(s) should be guarded by a similar test.
The issue can occur if the highlighted code executes. See related event 8. Show: All events | Only primary events |
|
| 351 | | | frac_digits = end - frac - 1; |
| 352 | | | while(frac_digits < 6) { |
| 353 | | | val *= 10; |
| 354 | | | frac_digits++; |
| 355 | | | } |
| 356 | | | } |
| 357 | | | time_adj.tv.tv_usec = val; |
| 358 | | | } |
| |