Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nsock does not pcap_close()

From: David Fifield <david () bamsoftware com>
Date: Thu, 26 Aug 2010 14:23:08 -0600
On Tue, Aug 10, 2010 at 11:16:06PM -0700, Fyodor wrote:

On Tue, Aug 10, 2010 at 12:45:51AM +0200, Luis MartinGarcia. wrote:

I've been debugging Nping with Valgrind and I've noticed that Nsock does
not close the pcap descriptor in nsp_delete() nor it offers something
like nsock_pcap_close(). This is not a big deal at all but I think it
would be nice to improve pcap handling a little so valgrind doesn't
display things like:


I agree, and if you're able to make a patch for this, that will be
great.  In any case I've added it to todo/nmap.txt.


I tested this with Nping and NSE. I see the leaked descriptor in Nping,
but not NSE. nsi_delete, called by nsp_delete, already calls pcap_close.
I think the issue is that Nping doesn't call nsp_delete. Valgrind
reports that it leaks sockets even in --tcp-connect mode (one for every
probe sent; i.e., -c 5 leaks 5 and -c 10 leaks 10).

The only place I found where nsp_delete can be called is in
ProbeMode::cleanup, and that doesn't appear to be called.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: