user@host:/vmware/ethereal-0.10.9/epan/dissectors$ cat myinp 
tvb_get_ptr, -1
user@host:/vmware/ethereal-0.10.9/epan/dissectors$ cilly -DHAVE_STDARG_H -I ../.. $CFLAGS --myinput=myinp --docodechecker packet-radius.c 2>/dev/null
DBG: entered get_attr_info_table
DBG: tainted: giving up. probably varargs@3374
DBG: tainted: giving up. probably varargs@3374
DBG: breaking endless loop!
DBG: tainted: giving up. probably varargs@3374
DBG: entered find_radius_attr_info
DBG: tainted: giving up. probably varargs@3385
DBG: breaking endless loop!
DBG: entered rdconvertbufftostr
DBG: tainted: giving up. probably varargs@3397
DBG: tainted: giving up. probably varargs@3397
DBG: breaking endless loop!
DBG: spreadTaintedInput: marking var dest as tainted
DBG: entered rdconvertbufftobinstr
DBG: tainted: giving up. probably varargs@3426
DBG: tainted: giving up. probably varargs@3426
DBG: breaking endless loop!
DBG: breaking endless loop!
DBG: tainted: giving up. probably varargs@3426
DBG: breaking endless loop!
DBG: entered rddecryptpass
DBG: tainted: giving up. probably varargs@3448
DBG: tainted: giving up. probably varargs@3448
DBG: breaking endless loop!
DBG: spreadTaintedInput: marking var c as tainted
DBG: spreadTaintedInput: marking var dest as tainted
DBG: spreadTaintedInput: marking var dest as tainted
DBG: entered rd_match_strval
DBG: tainted: giving up. probably varargs@3497
DBG: tainted: giving up. probably varargs@3497
DBG: breaking endless loop!
DBG: tainted: giving up. probably varargs@3497
DBG: entered rd_add_field_to_tree
DBG: tainted: giving up. probably varargs@3501
DBG: breaking endless loop!
DBG: entered avp_length_check
DBG: tainted: giving up. probably varargs@3562
DBG: tainted: giving up. probably varargs@3562
DBG: breaking endless loop!
DBG: entered rd_value_to_str
DBG: tainted: giving up. probably varargs@3574
DBG: breaking endless loop!
DBG: spreadTaintedInput: marking var vsa_length as tainted
DBG: spreadTaintedInput: marking var vsabuffer as tainted
DBG: entered dissect_attribute_value_pairs
DBG: entered decode_packetcable_bcid
DBG: tainted: giving up. probably varargs@4245
DBG: tainted: giving up. probably varargs@4245
DBG: breaking endless loop!
DBG: entered dissect_radius
DBG: entered proto_register_radius
DBG: entered proto_reg_handoff_radius
line 3418: FATAL, found use of tainted variable in dangerous function
line 3418: FATAL, found use of tainted variable in dangerous function
line 3479: FATAL, found use of tainted variable in dangerous function
line 3479: FATAL, found use of tainted variable in dangerous function
line 3488: FATAL, found use of tainted variable in dangerous function
line 3488: FATAL, found use of tainted variable in dangerous function
line 3568: FATAL, found use of tainted variable in dangerous function
line 3702: FATAL, found use of tainted variable in dangerous function
line 3747: FATAL, found use of tainted variable in dangerous function
line 4336: FATAL, found use of tainted variable in dangerous function
DEBUG: integer: 16
pointer typ!
pointer typ!
pointer typ!
pointer typ!
line 3744: array out of bound access found on variable sminmpec_values, at least index 0 is too big.
DEBUG: integer: 16
DEBUG: integer: 16
DEBUG: integer: 16
DEBUG: integer: 10
done.
user@host:/vmware/ethereal-0.10.9/epan/dissectors$