Nmap Development mailing list archives

Use-after-free in portlist.cc


From: Mak Kolybabi <mak () kolybabi com>
Date: Wed, 04 Feb 2015 13:42:03 -0600

I'm messing about with some static analyzers today, and slowly slogging
through a list of mostly-crazy false positives. One result, however,
looks legit:

https://github.com/nmap/nmap/blob/master/portlist.cc#L718-736

If a non-null answer is passed in, it is freed, and then later if
o.verbose is set it dereferences the previously-freed answer twice.

I'll be continuing to go through these results, and more emails will
follow if I find anything else of interest.
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
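The pattern the report describes, as an added illustration that is not Nmap's code and not the portlist.cc routine the message links to: a heap record handed in by the caller is freed unconditionally, and a verbose-only branch later reads it twice. The struct, field names and function names below are assumptions made for the example; the fixed form does the logging before the release and nulls the caller's pointer so any later use fails loudly instead of reading freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example record (assumed layout, not from portlist.cc). */
struct answer {
    int port;
    char *text;
};

/* Heap-allocates an answer with a private copy of `text`; NULL on failure. */
struct answer *make_answer(int port, const char *text) {
    struct answer *a = malloc(sizeof *a);
    if (a == NULL)
        return NULL;
    size_t n = strlen(text) + 1;
    a->text = malloc(n);
    if (a->text == NULL) {
        free(a);
        return NULL;
    }
    memcpy(a->text, text, n);
    a->port = port;
    return a;
}

/* Vulnerable shape of the reported bug: `a` is freed, then the verbose
 * branch dereferences it twice. With verbose == 0 the dangling reads are
 * skipped entirely, which is why a test suite that never turns verbose on
 * would not notice. Returns the port so callers have a value to check. */
int report_answer_vulnerable(struct answer *a, int verbose, FILE *log) {
    if (a == NULL)
        return -1;
    int port = a->port;
    free(a->text);
    free(a);
    if (verbose) {
        /* BUG: a->port and a->text both read freed memory. */
        fprintf(log, "port %d: %s\n", a->port, a->text);
    }
    return port;
}

/* Fixed shape: finish every use of the record before releasing it, take
 * the caller's pointer by address, and null it after the free so a later
 * use is a NULL dereference rather than a silent use-after-free. */
int report_answer_fixed(struct answer **ap, int verbose, FILE *log) {
    if (ap == NULL || *ap == NULL)
        return -1;
    struct answer *a = *ap;
    int port = a->port;
    if (verbose)
        fprintf(log, "port %d: %s\n", a->port, a->text);
    free(a->text);
    free(a);
    *ap = NULL;
    return port;
}

/* Convenience wrapper: builds a record, reports it through the fixed path,
 * and returns the port only if the caller's pointer was nulled (else -2). */
int run_fixed(int port, const char *text, int verbose) {
    struct answer *a = make_answer(port, text);
    if (a == NULL)
        return -1;
    int got = report_answer_fixed(&a, verbose, stderr);
    return (a == NULL) ? got : -2;
}

int main(int argc, char **argv) {
    /* `--trigger` runs the vulnerable path with verbose on; build with
     * -fsanitize=address to have the two freed reads reported. */
    if (argc > 1 && strcmp(argv[1], "--trigger") == 0)
        return report_answer_vulnerable(make_answer(22, "ssh"), 1, stderr) == 22 ? 0 : 1;
    return run_fixed(80, "http", 1) == 80 ? 0 : 1;
}
```

Compiled with `cc -g -fsanitize=address` and run with `--trigger`, AddressSanitizer flags the `fprintf` line as a heap-use-after-free; run without the flag, the same binary only ever exercises the fixed path. That split mirrors the report's point that the dangling reads sit behind a verbosity check, so a static analyzer or a sanitizer run with verbose output enabled is what finds them, not ordinary execution.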