CodeSonar : Irssi : Null Pointer Dereference

Irssi : Irssi analysis 1 : Null Pointer Dereference at irc-channels.c:119

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	2163.2167
Procedure:	irc_channels_join
Trace:	View
Modified:	Wed Sep 2 11:51:40 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/u1/paul/SATE/2010/c/irssi/irssi-0.8.14/src/irc/core/irc-channels.c

			Enter irc_channels_join

static void irc_channels_join(IRC_SERVER_REC *server, const char *data,

int automatic)

{

CHANNEL_SETUP_REC *schannel;

IRC_CHANNEL_REC *chanrec;

GString *outchans, *outkeys;

char *channels, *keys, *key, *space;

char **chanlist, **keylist, **tmp, **tmpkey, **tmpstr, *channel, *channame;

void *free_arg;

int use_keys, cmdlen;

g_return_if_fail(data != NULL);

g_return_if_fail (IS_IRC_SERVER (server ) && server ->connected );

if (*data == '\0') return;

if (!cmd_get_params(data, &free_arg, 2 | PARAM_FLAG_GETREST,

&channels, &keys ))

return;

/* keys shouldn't contain space */

space = strchr(keys, ' ');

if (space != NULL) {

*space = '\0';

}

chanlist = g_strsplit(channels, ",", -1);

keylist = g_strsplit(keys, ",", -1);

outchans = g_string_new(NULL);

outkeys = g_string_new(NULL);

use_keys = *keys != '\0';

tmpkey = keylist;

tmp = chanlist;

for (;; tmp++) {

if (*tmp != NULL) {

channel = ischannel(**tmp) ? g_strdup(*tmp) :

103

g_strdup_printf("#%s", *tmp);

104

105

chanrec = irc_channel_find (server , channel );

106

if (chanrec == NULL) {

channel = 0

107

schannel = channel_setup_find(channel, server->connrec->chatnet );

108

109

g_string_append_printf(outchans, "%s,", channel);

110

if (*tmpkey != NULL && **tmpkey != '\0')

111

key = *tmpkey;

112

else if (schannel != NULL && schannel->password != NULL) {

113

/* get password from setup record */

114

use_keys = TRUE;

115

key = schannel->password;

116

} else key = NULL;

117

118

g_string_append_printf(outkeys, "%s,", get_join_key(key));

channel <= 4095

119

channame = channel + (channel[0] == '!' && /* Null Pointer Dereference */

120

channel[1] == '!');

121

chanrec = irc_channel_create(server, channame, NULL,

122

automatic );

123

if (key != NULL) chanrec->key = g_strdup(key); /* Null Pointer Dereference (ID: 2162.2166) */

}

g_free(channel);

if (*tmpkey != NULL)

tmpkey++;

tmpstr = tmp;

tmpstr++;

cmdlen = outchans->len-1;

133

134

if (use_keys)

135

cmdlen += outkeys->len;

136

if (*tmpstr != NULL)

137

cmdlen += ischannel(**tmpstr) ? strlen(*tmpstr) :

138

strlen(*tmpstr)+1;

139

if (*tmpkey != NULL)

140

cmdlen += strlen(*tmpkey);

141

142

/* don't try to send too long lines

143

make sure it's not longer than 510

144

so 510 - strlen("JOIN ") = 505 */

if (cmdlen < 505)

continue;

}

if (outchans->len > 0) {

149

g_string_truncate(outchans, outchans->len-1);

150

g_string_truncate(outkeys, outkeys->len-1);

151

irc_send_cmdv(IRC_SERVER (server ),

152

use_keys ? "JOIN %s %s" : "JOIN %s",

153

outchans->str, outkeys->str );

154

}

155

cmdlen = 0;

156

g_string_truncate(outchans,0);

157

g_string_truncate(outkeys,0);

158

if (*tmp == NULL || tmp[1] == NULL)

Preconditions

&$unknown_368322 >= &$unknown_368323
((char*)$param_1)[56] != 0
*$param_2 != 0
strlen($param_2) != 0
((char*)$unknown_368322)[8] = 38
strlen(((char*)&$unknown_368322)[8]) != 0
*$unknown_368331 = 0
strlen($unknown_368331) = 0
$unknown_368315 != 0
strlen(&$unknown_368315) != 0
((char*)&$unknown_368322)[16] >= 0
((char*)&$unknown_368323)[8] >= 0

Postconditions

_g_boolean_var_' = 1
_g_boolean_var_' = 1
$unknown_368316' = 0
strlen(&$unknown_368316)' = 0
automatic' = $param_3
chanlist' = &$unknown_368323
channel' = 0
channels' = &$unknown_368318
chanrec' = 0
data' = $param_2
key' = 0
keylist' = &$unknown_368326
keys' = &$unknown_368315
outchans' = &$unknown_368324
outkeys' = &$unknown_368332
schannel' = 0
server' = $param_1
space' = &$unknown_368316
tmp' = &$unknown_368322 + 8
tmpkey' = &$unknown_368331
tmpstr' = &$unknown_368322 + 8

Change Warning 2163.2167 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: