Nmap Development mailing list archives
Re: Analysis of clang results for nmap main directory.
From: David Fifield <david () bamsoftware com>
Date: Thu, 14 Jun 2012 10:27:14 -0700
On Thu, Jun 14, 2012 at 01:06:01PM -0400, James Rogers wrote:
> Reran clang against latest version of nmap on Tuesday, many changes had
> been made since I first ran this tool and I wanted the results to be as
> meaningful as possible.
>
> Clang Report for main branch of nmap, excluding all subdirectories.
> 13 June 2012
>
> Logic error    Dereference of null pointer    nse_pcrelib.cc    272
>
> 271   res = pcre_exec(ud->pr, ud->extra, text, (int)len, startoffset, eflags,
> 272                   ud->match, (ud->ncapt + 1) * 3);
>
> Logic error    Dereference of null pointer    nse_pcrelib.cc    234
>
> 233   res = pcre_exec(ud->pr, ud->extra, text, (int)elen, startoffset, eflags,
> 234                   ud->match, (ud->ncapt + 1) * 3);

Didn't we already discuss this in http://seclists.org/nmap-dev/2012/q2/627? This is because the analyzer doesn't realize that the luaL_argerror within Lpcre_getargs never returns. ud cannot be NULL at this point.

If you replace luaL_argerror with exit, does this problem still get reported? If not, then this is a false positive.

David Fifield
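
The false positive discussed in the message above, reduced to a small C model. This is an added example, not code from Nmap, Lua or the original message. The names regex_ud, arg_error, get_args and ovector_size are hypothetical, and longjmp stands in for Lua's error unwinding.

```c
#include <setjmp.h>
#include <stddef.h>

/* Hypothetical model of the pattern in the thread; not Nmap or Lua source. */
struct regex_ud { int ncapt; };

static jmp_buf error_env;          /* stands in for Lua's error unwinding */
static const char *last_error;

/* Like luaL_argerror as described in the thread, this unwinds with longjmp
 * and never returns to its caller. Without the attribute a path-sensitive
 * analyzer explores a path on which it does return; with it, that path is
 * pruned and the null-dereference report at the call site goes away. */
#if defined(__GNUC__)
__attribute__((noreturn))
#endif
static void arg_error(const char *msg)
{
    last_error = msg;
    longjmp(error_env, 1);
}

/* Models Lpcre_getargs: validates the argument before handing it back. */
static void get_args(struct regex_ud *arg, struct regex_ud **pud)
{
    if (arg == NULL)
        arg_error("bad argument (constructed message)");
    *pud = arg;
}

/* Models the flagged call site: ud is dereferenced right after get_args. */
static int ovector_size(struct regex_ud *arg)
{
    struct regex_ud *ud = NULL;

    if (setjmp(error_env) != 0)
        return -1;                 /* error path: ud was never dereferenced */
    get_args(arg, &ud);
    return (ud->ncapt + 1) * 3;    /* same expression as in the report */
}
```

The exit() substitution suggested in the message works as a test because the C library declares exit as non-returning. Clang also accepts `__attribute__((analyzer_noreturn))`, which informs only the static analyzer and leaves code generation unchanged.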