Nmap Development mailing list archives
Re: ncat minor patches
From: David Fifield <david () bamsoftware com>
Date: Fri, 24 Apr 2009 11:46:23 -0600
On Fri, Apr 24, 2009 at 09:12:00PM +0300, ithilgore wrote:
I 've been reading through the ncat code and made some minor fixes on some things that I stumbled upon. 1. Replaced all instances of sys_wrap's Malloc with nbase's safe_malloc, since safe_malloc does essentially the same thing and is used throughout all of nmap's codebase. 2. Replaced all instances of strdup with sys_wrap's Strdup for consistency. 3. Removed a redundant check in ncat_main.c /* Set the default to IPv4 if not explicitly specified. */ if (o.af != AF_INET && o.af != AF_INET6) o.af = AF_INET; o.af is initialized to AF_INET with options_init() which is called in the beginning of main()
These changes all look good to me.
In addition, I think all atoi instances should be replaced with something like strtol since atoi is deprecated and doesn't do any error-checking for input that is not actually a digit.
I agree. There is a function parse_long in util.c that does integer parsing using strtol. It allows only nonnegative decimal integers, with no preceding whitespace or sign. It's intended for things like port number parsing, where "1.2.3.4: 80" and "1.2.3.4:+80" should be syntax errors, but it is also appropriate for things like the argument to --max-conns, currently parsed with atoi. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- ncat minor patches ithilgore (Apr 24)
- Re: ncat minor patches David Fifield (Apr 24)