diff options
author | Birol Capa <birol.capa@siemens.com> | 2016-09-27 17:20:41 +0300 |
---|---|---|
committer | Jaap Keuter <jaap.keuter@xs4all.nl> | 2016-09-28 18:14:14 +0000 |
commit | a3ce2336b2a0e684a94d1e0046556bc0b42748f2 (patch) | |
tree | 39dca317823e199fbbcd21060174778bd8c6229a /plugins | |
parent | f72f937623e31ae4a59555573a24de8ad603a965 (diff) |
PROFINET: Fix possibly passing a null pointer to function
A NULL pointer is possibly being passed to a function identified.
Change-Id: I87afb4fcd669451d94fecbcb827e7ff82d3e6740
Reviewed-on: https://code.wireshark.org/review/17950
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/profinet/packet-dcerpc-pn-io.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/plugins/profinet/packet-dcerpc-pn-io.c b/plugins/profinet/packet-dcerpc-pn-io.c index 5bcd060ed7..fc555605af 100644 --- a/plugins/profinet/packet-dcerpc-pn-io.c +++ b/plugins/profinet/packet-dcerpc-pn-io.c @@ -8216,7 +8216,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, if((strstr(puffer, vendorIdStr)) != NULL) { memset (convertStr, 0, sizeof(*convertStr)); pch = strstr(puffer, vendorIdStr); - if (sscanf(pch, "VendorID=\"%[^\"]", convertStr) == 1) { + if (pch!= NULL && sscanf(pch, "VendorID=\"%[^\"]", convertStr) == 1) { read_vendor_id = (guint32) strtoul (convertStr, NULL, 0); if(read_vendor_id == searchVendorID) { @@ -8229,7 +8229,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, if((strstr(puffer, deviceIdStr)) != NULL) { memset(convertStr, 0, sizeof(*convertStr)); pch = strstr(puffer, deviceIdStr); - if (sscanf(pch, "DeviceID=\"%[^\"]", convertStr) == 1) { + if (pch != NULL && sscanf(pch, "DeviceID=\"%[^\"]", convertStr) == 1) { read_device_id = (guint32)strtoul(convertStr, NULL, 0); if(read_device_id == searchDeviceID) { @@ -8362,7 +8362,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, memset (convertStr, 0, sizeof(*convertStr)); pch = strstr(temp, fParameterIndexStr); - if (sscanf(pch, "Index=\"%[^\"]", convertStr) == 1) { + if (pch != NULL && sscanf(pch, "Index=\"%[^\"]", convertStr) == 1) { io_data_object->fParameterIndexNr = (guint32)strtoul(convertStr, NULL, 0); } break; /* found Indexnumber -> break search loop */ @@ -8376,7 +8376,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, if((strstr(temp, moduleStr)) != NULL) { /* find the String "ModuleIdentNumber=" */ memset (convertStr, 0, sizeof(*convertStr)); pch = strstr(temp, moduleStr); /* search for "ModuleIdentNumber=\"" within GSD-file */ - if (sscanf(pch, "ModuleIdentNumber=\"%[^\"]", convertStr) == 1) { /* Change format of Value string-->numeric string */ + if (pch != NULL && sscanf(pch, "ModuleIdentNumber=\"%[^\"]", convertStr) == 1) { /* Change format of Value string-->numeric string */ read_module_id = (guint32)strtoul(convertStr, NULL, 0); /* Change numeric string --> unsigned long; read_module_id contains the Value of the ModuleIdentNumber */ /* If the found ModuleID matches with the wanted ModuleID, search for the Submodule and break */ @@ -8397,7 +8397,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, /* Find a String with the saved TextID and with a fitting value for it in the same line. This value is the name of the Module! */ if(((strstr(temp, tmp_moduletext)) != NULL) && ((strstr(temp, moduleValueInfo)) != NULL)) { pch = strstr(temp, moduleValueInfo); - if (sscanf(pch, "Value=\"%[^\"]", io_data_object->moduleNameStr) == 1) + if (pch != NULL && sscanf(pch, "Value=\"%[^\"]", io_data_object->moduleNameStr) == 1) break; /* Found the name of the module */ } } @@ -8410,7 +8410,7 @@ dissect_ExpectedSubmoduleBlockReq_block(tvbuff_t *tvb, int offset, if((strstr(temp, subModuleStr)) != NULL) { memset (convertStr, 0, sizeof(*convertStr)); pch = strstr(temp, subModuleStr); - if (sscanf(pch, "SubmoduleIdentNumber=\"%[^\"]", convertStr) == 1) { + if (pch != NULL && sscanf(pch, "SubmoduleIdentNumber=\"%[^\"]", convertStr) == 1) { read_submodule_id = (guint32) strtoul (convertStr, NULL, 0); /* read_submodule_id contains the Value of the SubModuleIdentNumber */ /* Find "PROFIsafeSupported" flag of the module in GSD-file */ |