Fixed a memory bug (access of freed memory) when loading exclude

targets with --exclude. This was reported to occasionally cause a crash. Will Cladek reported the bug and contributed an initial patch.
2025-12-06 04:31:29 +00:00 · 2009-06-14 23:00:33 +00:00
parent 9dcee544b4
commit 0b508999c1
2 changed files with 9 additions and 16 deletions
--- a/5
+++ b/5
@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-

+o Fixed a memory bug (access of freed memory) when loading exclude
+  targets with --exclude. This was reported to occasionally cause a
+  crash. Will Cladek reported the bug and contributed an initial
+  patch. [David]
+
 Nmap 4.85BETA10 [2009-06-12]

 o The host discovery (ping probe) defaults have been enhanced to
--- a/targets.cc
+++ b/targets.cc
@@ -334,22 +334,10 @@ TargetGroup* load_exclude(FILE *fExclude, char *szExclude) {
          error("Loaded exclude target of: %s", pc);
        ++i;
      } 
-
-      /* This is a totally cheezy hack, but since I can't use strtok_r...
-       * If you can think of a better way to do this, feel free to change.
-       * As for now, we will reset strtok each time we leave parse_expr */
-      {
-	int hack_i;
-	char *hack_c = strdup(szExclude);
-
-	pc=strtok(hack_c, ",");
-
-        for (hack_i = 0; hack_i < i; hack_i++) 
-          pc=strtok(NULL, ",");
-
-	free(hack_c);
-      }
-    } 
+      pc=strtok(NULL, ",");
+    }
+    free(p_acBuf);
+    p_acBuf = NULL;
  }
  return excludelist;
 }