Nmap Development mailing list archives
Add sanity check for strdup() in nsock_pcap.c for NMAP-7.xx
From: Bill Parker <wp02855 () gmail com>
Date: Sat, 9 Jan 2016 13:36:34 -0800
Hello All, In reviewing source code in NMAP-7.xx, there is a call to strdup() in nsock_pcap.c which is not checked for a return value of NULL, indicating failure. The patch file below should address/correct these issues: --- nsock_pcap.c.orig 2016-01-09 10:13:32.713027782 -0800 +++ nsock_pcap.c 2016-01-09 10:14:37.650280973 -0800 @@ -296,6 +296,11 @@ mp->snaplen = snaplen; mp->datalink = datalink; mp->pcap_device = strdup(pcap_device); + if (mp->pcap_device == NULL) { + nsock_log_error(ms, "Unable to allocate memory on mp->pcap_device %s " + ,pcap_device); + return -1; + } #ifdef PCAP_CAN_DO_SELECT mp->pcap_desc = pcap_get_selectable_fd(mp->pt); #else I am attaching the patch file to this bug report... Bill Parker (wp02855 () gmail com)
Attachment:
nsock_pcap.c.patch
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Add sanity check for strdup() in nsock_pcap.c for NMAP-7.xx Bill Parker (Jan 11)