CodeSonar : Irssi : Null Pointer Dereference

Irssi : Irssi analysis 1 : Null Pointer Dereference at modes.c:621

Categories:	LANG.MEM.NPD CWE:476
Warning ID:	2185.2190
Procedure:	channel_set_mode
Trace:	View
Modified:	Wed Sep 2 11:51:54 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/u1/paul/SATE/2010/c/irssi/irssi-0.8.14/src/irc/core/modes.c

			Enter channel_set_mode

594

void channel_set_mode(IRC_SERVER_REC *server, const char *channel,

595

const char *mode)

596

{

597

IRC_CHANNEL_REC *chanrec;

598

GString *tmode, *targs;

599

char *modestr, *curmode, *orig, type, prevtype;

600

int count;

601

602

g_return_if_fail (IS_IRC_SERVER (server ));

603

g_return_if_fail(channel != NULL && mode != NULL);

604

605

tmode = g_string_new(NULL);

606

targs = g_string_new(NULL);

607

count = 0;

608

609

chanrec = irc_channel_find (server , channel );

610

if (chanrec != NULL)

611

channel = chanrec->name;

612

613

orig = modestr = g_strdup(mode);

614

615

type = '+'; prevtype = '\0';

616

curmode = cmd_get_param(&modestr );

617

for (;; curmode++) {

618

if (*curmode == '\0') { /* Null Pointer Dereference (ID: 2186.2191) */

619

/* support for +o nick +o nick2 */

true

620

curmode = cmd_get_param(&modestr );

curmode <= 4095

621

if (*curmode == '\0') /* Null Pointer Dereference */

break;

}

if (*curmode == '+' || *curmode == '-') {

type = *curmode;

continue;

}

if (count == server->max_modes_in_cmd &&

631

HAS_MODE_ARG(server, type, *curmode)) {

632

irc_send_cmdv(server, "MODE %s %s%s",

633

channel, tmode->str, targs->str );

634

635

count = 0; prevtype = '\0';

636

g_string_truncate(tmode, 0);

637

g_string_truncate(targs, 0);

638

}

639

640

if (type != prevtype) {

641

prevtype = type;

642

g_string_append_c (tmode , type );

643

}

644

g_string_append_c (tmode , *curmode );

645

646

if (HAS_MODE_ARG(server, type, *curmode)) {

char *arg;

count++;

arg = cmd_get_param(&modestr );

651

if (*arg == '\0' && type == '-' && *curmode == 'k') {

652

/* "/mode #channel -k" - no reason why it

653

shouldn't work really, so append the key */

654

IRC_CHANNEL_REC *chanrec;

655

656

chanrec = irc_channel_find (server , channel );

657

if (chanrec != NULL && chanrec->key != NULL)

arg = chanrec->key;

}

if (*arg != '\0')

g_string_append_printf(targs, " %s", arg);

Preconditions

$param_2 != 0
$param_3 != 0
&$unknown_481663 <= &$unknown_481662
$unknown_481662 = 32
strlen(&$unknown_481662) != 0
strlen(&$unknown_481662) != 1
((char*)&$unknown_481662)[2] != 32
((char*)&$unknown_481662)[1] = 32
$unknown_481663 = 32
strlen(&$unknown_481663) != 0
$unknown_481668 = 0
strlen(&$unknown_481668) = 0

Postconditions

_g_boolean_var_' = 1
_g_boolean_var_' = 1
channel' = $param_2
chanrec' = 0
curmode' = 0
mode' = $param_3
modestr' = 0
orig' = &$unknown_481663
server' = $param_1

Change Warning 2185.2190 : Null Pointer Dereference

Priority:
State:
Finding:
Owner:
Note: