Bug Summary

File:activesyncd/libeasclient/eas-item-info.c
Warning:line 127, column 9
Array access (from variable 'tempString') results in a null pointer dereference

Annotated Source Code

1/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*- */
2/*
3 * ActiveSync client library for calendar/addressbook synchronisation
4 *
5 * Copyright © 2011 Intel Corporation.
6 *
7 * Authors: Mobica Ltd. <www.mobica.com>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later
13 * version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free
22 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
23 * Boston, MA 02110-1301 USA
24 *
25 */
26
27#include "eas-item-info.h"
28
29#include <stdio.h>
30#include <stdlib.h>
31#include <string.h>
32
33
34const gchar SERVER_ID_SEPARATOR = '\n';
35
36
37G_DEFINE_TYPE (EasItemInfo, eas_item_info, G_TYPE_OBJECT)static void eas_item_info_init (EasItemInfo *self); static void
eas_item_info_class_init (EasItemInfoClass *klass); static gpointer
eas_item_info_parent_class = ((void*)0); static gint EasItemInfo_private_offset
; static void eas_item_info_class_intern_init (gpointer klass
) { eas_item_info_parent_class = g_type_class_peek_parent (klass
); if (EasItemInfo_private_offset != 0) g_type_class_adjust_private_offset
(klass, &EasItemInfo_private_offset); eas_item_info_class_init
((EasItemInfoClass*) klass); } __attribute__((__unused__)) static
inline gpointer eas_item_info_get_instance_private (EasItemInfo
*self) { return (((gpointer) ((guint8*) (self) + (glong) (EasItemInfo_private_offset
)))); } GType eas_item_info_get_type (void) { static volatile
gsize g_define_type_id__volatile = 0; if ((__extension__ ({ typedef
char _GStaticAssertCompileTimeAssertion_4[(sizeof *(&g_define_type_id__volatile
) == sizeof (gpointer)) ? 1 : -1] __attribute__((__unused__))
; (void) (0 ? (gpointer) *(&g_define_type_id__volatile) :
0); (!(__extension__ ({ typedef char _GStaticAssertCompileTimeAssertion_5
[(sizeof *(&g_define_type_id__volatile) == sizeof (gpointer
)) ? 1 : -1] __attribute__((__unused__)); __sync_synchronize (
); (gpointer) *(&g_define_type_id__volatile); })) &&
g_once_init_enter (&g_define_type_id__volatile)); }))) {
GType g_define_type_id = g_type_register_static_simple (((GType
) ((20) << (2))), g_intern_static_string ("EasItemInfo"
), sizeof (EasItemInfoClass), (GClassInitFunc) eas_item_info_class_intern_init
, sizeof (EasItemInfo), (GInstanceInitFunc) eas_item_info_init
, (GTypeFlags) 0); { {{};} } (__extension__ ({ typedef char _GStaticAssertCompileTimeAssertion_6
[(sizeof *(&g_define_type_id__volatile) == sizeof (gpointer
)) ? 1 : -1] __attribute__((__unused__)); (void) (0 ? *(&
g_define_type_id__volatile) = (g_define_type_id) : 0); g_once_init_leave
((&g_define_type_id__volatile), (gsize) (g_define_type_id
)); })); } return g_define_type_id__volatile; };
38
39
40static void eas_item_info_init (EasItemInfo *object)
41{
42 g_debug ("eas_item_info_init++");
43
44 object->client_id = NULL((void*)0);
45 object->server_id = NULL((void*)0);
46 object->data = NULL((void*)0);
47 object->status = NULL((void*)0);
48}
49
50
51static void eas_item_info_finalize (GObject* object)
52{
53 EasItemInfo* self = EAS_ITEM_INFO (object)((((EasItemInfo*) g_type_check_instance_cast ((GTypeInstance*
) ((object)), ((eas_item_info_get_type ()))))));
54
55 g_free (self->client_id);
56 g_free (self->server_id);
57 g_free (self->data);
58 g_free (self->status);
59
60 G_OBJECT_CLASS (eas_item_info_parent_class)((((GObjectClass*) g_type_check_class_cast ((GTypeClass*) ((eas_item_info_parent_class
)), (((GType) ((20) << (2))))))))->finalize (object);
61}
62
63
64static void eas_item_info_class_init (EasItemInfoClass *klass)
65{
66 GObjectClass* object_class = G_OBJECT_CLASS (klass)((((GObjectClass*) g_type_check_class_cast ((GTypeClass*) ((klass
)), (((GType) ((20) << (2))))))));
67
68 object_class->finalize = eas_item_info_finalize;
69}
70
71
72EasItemInfo* eas_item_info_new ()
73{
74 EasItemInfo *object = g_object_new (EAS_TYPE_ITEM_INFO(eas_item_info_get_type ()) , NULL((void*)0));
75 g_debug ("eas_item_info_new+-");
76 return object;
77}
78
79
80gboolean eas_item_info_serialise (EasItemInfo* self, gchar** result)
81{
82 GString* str = NULL((void*)0);
83
84
85
86 str = g_string_new ( (self->client_id ? : ""));
87 str = g_string_append_c (str, SERVER_ID_SEPARATOR)g_string_append_c_inline (str, SERVER_ID_SEPARATOR);
88 str = g_string_append (str, (self->server_id ? : ""));
89 str = g_string_append_c (str, SERVER_ID_SEPARATOR)g_string_append_c_inline (str, SERVER_ID_SEPARATOR);
90 str = g_string_append (str, (self->status ? : ""));
91 str = g_string_append_c (str, SERVER_ID_SEPARATOR)g_string_append_c_inline (str, SERVER_ID_SEPARATOR);
92 str = g_string_append (str, (self->data ? : ""));
93 *result = g_string_free (str, FALSE(0)); // Destroy the GString but not the buffer (which is returned with ownership)
94 return TRUE(!(0));
95}
96
97
98gboolean eas_item_info_deserialise (EasItemInfo* self, const gchar* data)
99{
100 gboolean separator_found = FALSE(0);
101 guint i = 0;
102 gchar *tempString = NULL((void*)0);
1
'tempString' initialized to a null pointer value
103 gchar *tempString2 = NULL((void*)0);
104
105
106 g_debug ("eas_item_info_deserialise++");
107
108 //check that there is data to deserialise - otherwise return false
109 if (data == NULL((void*)0) || strlen (data) == 0) {
2
Assuming 'data' is not equal to NULL
3
Assuming the condition is false
4
Taking false branch
110 return FALSE(0);
111 }
112 // Look for the separator character
113 for (; data[i]; i++) {
5
Loop condition is false. Execution continues on line 120
114 if (data[i] == SERVER_ID_SEPARATOR) {
115 separator_found = TRUE(!(0));
116 break;
117 }
118 }
119
120 if (separator_found) {
6
Taking false branch
121 self->client_id = g_strndup (data, i);
122 tempString = g_strdup (data + (i + 1));
123 separator_found = FALSE(0);
124 }
125 i = 0;
126
127 for (; tempString[i]; i++) {
7
Array access (from variable 'tempString') results in a null pointer dereference
128 if (tempString[i] == SERVER_ID_SEPARATOR) {
129 separator_found = TRUE(!(0));
130 break;
131 }
132 }
133 if (separator_found) {
134 self->server_id = g_strndup (tempString, i);
135 tempString2 = g_strdup (tempString + (i + 1));
136 separator_found = FALSE(0);
137 }
138 i = 0;
139 for (; tempString2[i]; i++) {
140 if (tempString2[i] == SERVER_ID_SEPARATOR) {
141 separator_found = TRUE(!(0));
142 break;
143 }
144 }
145
146 if (separator_found) {
147 self->status = g_strndup (tempString2, i);
148 self->data = g_strdup (tempString2 + (i + 1));
149 }
150
151 g_free (tempString);
152 g_free (tempString2);
153
154 return separator_found;
155}
156