Nmap Development mailing list archives

Re: Missing Sanity Checks in NMAP 6.47 (liblinear, file 'predict.c')

From: David Fifield <david () bamsoftware com>
Date: Wed, 3 Jun 2015 12:55:41 -0700

On Wed, Jun 03, 2015 at 11:09:02AM -0700, Bill Parker wrote:

Hello All,

   In reviewing source code for NMAP-6.47, in directory 'liblinear',
file 'predict.c', I located 4 instances of calls to malloc() without
a corresponding check for a return value of NULL, indicating failure.


Thanks for checking. LIBLINEAR is a third-party library maintained
separately. You should report this to the upstream maintainers.

http://www.csie.ntu.edu.tw/~cjlin/liblinear/

Nmap doesn't use the predict.c file.
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Missing Sanity Checks in NMAP 6.47 (liblinear, file 'predict.c') Bill Parker (Jun 03)
- Re: Missing Sanity Checks in NMAP 6.47 (liblinear, file 'predict.c') David Fifield (Jun 03)