Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Add sanity check for strdup() in nsock_pcap.c for NMAP-7.xx

From: Bill Parker <wp02855 () gmail com>
Date: Sat, 9 Jan 2016 13:36:34 -0800
Hello All,

In reviewing source code in NMAP-7.xx, there is a call to strdup()
in nsock_pcap.c which is not checked for a return value of NULL, indicating
failure.  The patch file below should address/correct these issues:

--- nsock_pcap.c.orig   2016-01-09 10:13:32.713027782 -0800
+++ nsock_pcap.c        2016-01-09 10:14:37.650280973 -0800
@@ -296,6 +296,11 @@
   mp->snaplen = snaplen;
   mp->datalink = datalink;
   mp->pcap_device = strdup(pcap_device);
+  if (mp->pcap_device == NULL) {
+    nsock_log_error(ms, "Unable to allocate memory on mp->pcap_device %s "
+                  ,pcap_device);
+    return -1;
+  }
 #ifdef PCAP_CAN_DO_SELECT
   mp->pcap_desc = pcap_get_selectable_fd(mp->pt);
 #else

I am attaching the patch file to this bug report...

Bill Parker (wp02855 () gmail com)

Attachment: nsock_pcap.c.patch
Description: 

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: