Nmap Development mailing list archives

Re: [PATCH] NSE - escaping attribute content


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 1 May 2007 19:46:05 +0000

On Tue, 1 May 2007 21:23:54 +0200 plus or minus some time Stoiko Ivanov
<stoiko () xover htu tuwien ac at> wrote:

> Hi,
>
> My name is Stoiko Ivanov - I'm one of the lucky people who got accepted
> in this year's Google Summer of Code (and I'm looking forward to working on
> Nmap). I'll be enhancing the NSE during this summer and (hopefully) will
> add some new features to make script-writing easier and even more
> powerful.


Welcome.  It's great having you guys.


...snip...

> I hope my patch fixes the problem (at least it does in the case described
> in the bug-report)

It does; however, it also introduces a memory leak.  xml_convert() mallocs
memory that needs to be freed.


> I would be grateful for any comment on the patch, since it's my first one
> (especially if I've forgotten something, or done anything wrong).


I'm by no means a big contributor to Nmap but here is the line of
questioning I go through on my small patches.  I think the more talented
C/C++ developers on this list are able to make all these decisions in one
pass through the code; I cannot:

* Were there any theoretical or real memory leaks or security
vulnerabilities in the code before I changed anything?

* Does the addition or changes to the code cause any vulnerability or
memory leak?

* Are there any potential interactions or loose ends in the new or modified
code that could interfere with any other part of the program?

Functions with side effects like xml_convert() could probably use a short
comment above them reminding would-be hackers to watch out.

> cheers
> stoiko


Respectfully,

Brandon


-- 
Brandon Enright
Network Security Analyst
UCSD ACS/Network Operations
bmenrigh () ucsd edu



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
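
The ownership issue raised in the reply above, shown as an added example that is not part of the original message or of Nmap's source: `escape_attr()` and `write_attr()` are hypothetical stand-ins for a helper that, like `xml_convert()`, returns malloc'd memory the caller has to free. The set of escaped characters is an assumption for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char *entity(char c) {  /* XML entity for c, or NULL if none */
    switch (c) {
    case '&':  return "&amp;";
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '"':  return "&quot;";
    case '\'': return "&apos;";
    default:   return NULL;
    }
}

/* Hypothetical stand-in for xml_convert(): returns a malloc'd escaped copy.
 * Side effect to watch out for: the CALLER owns the result and must free() it. */
char *escape_attr(const char *s) {
    size_t n = 0;
    for (const char *p = s; *p; p++) {
        const char *e = entity(*p);
        n += e ? strlen(e) : 1;
    }
    char *out = malloc(n + 1);
    if (!out) return NULL;
    char *w = out;
    for (const char *p = s; *p; p++) {
        const char *e = entity(*p);
        if (e) { size_t l = strlen(e); memcpy(w, e, l); w += l; }
        else *w++ = *p;
    }
    *w = '\0';
    return out;
}

/* Formats name="escaped value" into dst; returns length or -1 on failure.
 * Leaky form: snprintf(dst, dstlen, "%s=\"%s\"", name, escape_attr(value)); */
int write_attr(char *dst, size_t dstlen, const char *name, const char *value) {
    char *esc = escape_attr(value);
    if (!esc) return -1;
    int n = snprintf(dst, dstlen, "%s=\"%s\"", name, esc);
    free(esc);  /* release the temporary once it has been copied out */
    return (n < 0 || (size_t)n >= dstlen) ? -1 : n;
}

int main(void) {
    char buf[128];  /* the value passed below is a constructed sample */
    if (write_attr(buf, sizeof buf, "output", "a \"b\" <c> & d") > 0) puts(buf);
    return 0;
}
```

Running a build of this under a leak checker such as Valgrind with the `free(esc)` line removed reports one lost block per call, which is the kind of leak described in the reply.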
