Nmap Development mailing list archives
Re: Use-after-free in portlist.cc
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 4 Feb 2015 14:46:00 -0600
Mak,

Thanks for the report. Fixed in r33979.

Dan

On Wed, Feb 4, 2015 at 1:42 PM, Mak Kolybabi <mak () kolybabi com> wrote:

> I'm messing about with some static analyzers today, and slowly slogging
> through a list of mostly-crazy false positives. One result, however, looks
> legit:
>
> https://github.com/nmap/nmap/blob/master/portlist.cc#L718-736
>
> If a non-null answer is passed in, it is freed, and then later if o.verbose
> is set it dereferences the previously-freed answer twice.
>
> I'll be continuing to go through these results, and more emails will follow
> if I find anything else of interest.
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
Current thread:
- Use-after-free in portlist.cc Mak Kolybabi (Feb 04)
- Re: Use-after-free in portlist.cc Daniel Miller (Feb 04)
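
The pattern the report describes (an object released, then read twice only when a verbose flag is set), shown beside one possible reordering that removes it. This is an added example, not Nmap's code and not from either poster: `struct port`, `release`, `rd` and the update functions are hypothetical, and `release` only flags the object instead of calling `free()` so the stale reads can be counted without undefined behaviour.

```c
/* Constructed illustration of the pattern; not Nmap's code. All names are hypothetical. */
#include <stdio.h>

struct port { int portno; int state; int live; };  /* live == 1 while allocated */
static int stale_reads;  /* reads made through an already-released pointer */

/* Stand-in for free(): flags the object so a later read is countable, not undefined. */
static void release(struct port *p) { p->live = 0; }

/* Checked field read: counts the access if the owning object was released. */
static int rd(const struct port *p, const int *field) {
    if (!p->live) stale_reads++;
    return *field;
}

/* Pattern from the report: release first, then read twice when verbose. */
static void update_buggy(struct port *old, int verbose, char *log, size_t n) {
    if (old != NULL)
        release(old);
    if (verbose && old != NULL)
        snprintf(log, n, "port %d left state %d",
                 rd(old, &old->portno), rd(old, &old->state));
}

/* One possible fix (an assumption, not the actual r33979 change): read, then release. */
static void update_fixed(struct port *old, int verbose, char *log, size_t n) {
    if (old == NULL)
        return;
    if (verbose)
        snprintf(log, n, "port %d left state %d",
                 rd(old, &old->portno), rd(old, &old->state));
    release(old);
}

typedef void (*update_fn)(struct port *, int, char *, size_t);
/* Runs one variant on a fresh object and returns the stale-read count. */
int count_stale_reads(update_fn fn, int verbose) {
    struct port p = { 80, 1, 1 };  /* constructed sample values */
    char log[64] = "";
    stale_reads = 0;
    fn(&p, verbose, log, sizeof log);
    return stale_reads;
}

int main(void) {
    printf("buggy quiet=%d\n", count_stale_reads(update_buggy, 0));
    printf("buggy verbose=%d\n", count_stale_reads(update_buggy, 1));
    printf("fixed verbose=%d\n", count_stale_reads(update_fixed, 1));
    return 0;
}
```

With the flag off the buggy variant performs no stale read at all, so a test run that never enables verbose output exercises the release but not the reads that follow it.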