Added ScriptResult class change in order to avoid managing string memory

created via strdup(). Script output and id (strings) are now C++ std::string.
2026-02-05 21:16:33 +00:00 · 2008-07-07 17:37:08 +00:00
parent f9e6d7d01a
commit 13452505a5
6 changed files with 53 additions and 36 deletions
--- a/Target.cc
+++ b/Target.cc
@@ -178,12 +178,6 @@ void Target::FreeInternal() {
  }

  if (FPR) delete FPR;
-
-  if (o.script) {
-    ScriptResults::iterator sriter;
-    for (sriter = scriptResults.begin(); sriter != scriptResults.end(); sriter++)
-      free((*sriter).id);
-  }
 }

 /*  Creates a "presentation" formatted string out of the IPv4/IPv6 address.
--- a/nse_main.cc
+++ b/nse_main.cc
@@ -50,7 +50,7 @@ int process_preparehost(lua_State* L, Target* target, std::list<struct thread_re
 int process_preparethread(lua_State* L, struct run_record *rr, struct thread_record* tr);

 // helper functions
-int process_getScriptId(lua_State* L, struct script_scan_result* ssr);
+int process_getScriptId(lua_State* L, ScriptResult * ssr);
 int process_pickScriptsForPort(
 		lua_State* L, 
 		Target* target, 
@@ -65,6 +65,26 @@ int process_finalize(lua_State* L, unsigned int registry_idx);
 // post execution
 int cleanup_threads(std::list<struct thread_record> trs);

+void ScriptResult::set_output (const char *out)
+{
+  output = std::string(out);
+}
+
+std::string ScriptResult::get_output (void)
+{
+  return output;
+}
+
+void ScriptResult::set_id (const char *ident)
+{
+  id = std::string(ident);
+}
+
+std::string ScriptResult::get_id (void)
+{
+  return id;
+}
+
 /* int panic (lua_State *L)
 *
 * Panic function set via lua_atpanic().
@@ -343,7 +363,6 @@ finishup:
 int process_mainloop(lua_State *L) {
 	int state;
 	int unfinished = running_scripts.size() + waiting_scripts.size(); 
-	struct script_scan_result ssr;
 	struct thread_record current;
 	ScanProgressMeter progress = ScanProgressMeter(SCRIPT_ENGINE);

@@ -417,8 +436,9 @@ int process_mainloop(lua_State *L) {
 				// running_scripts list
 	
 				if(lua_isstring (current.thread, -1)) { // FIXME
+                    ScriptResult sr;
                    lua_State *thread = current.thread;
-					SCRIPT_ENGINE_TRY(process_getScriptId(thread, &ssr));
+					SCRIPT_ENGINE_TRY(process_getScriptId(thread, &sr));
                    lua_getglobal(thread, "string");
                    lua_getfield(thread, -1, "gsub");
                    lua_replace(thread, -2); // remove string table
@@ -426,11 +446,11 @@ int process_mainloop(lua_State *L) {
                    lua_pushliteral(thread, "[^%w%s%p]");
                    lua_pushcclosure(thread, escape_char, 0);
                    lua_call(thread, 3, 1);
-					ssr.output = strdup(lua_tostring(thread, -1));
+					sr.set_output(lua_tostring(thread, -1));
 					if(current.rr->type == 0) {
-						current.rr->host->scriptResults.push_back(ssr);
+						current.rr->host->scriptResults.push_back(sr);
 					} else if(current.rr->type == 1) {
-						current.rr->port->scriptResults.push_back(ssr);
+						current.rr->port->scriptResults.push_back(sr);
 						current.rr->host->ports.numscriptresults++;
 					}
 					lua_pop(thread, 2);
@@ -521,15 +541,15 @@ int process_waiting2running(lua_State* L, int resume_arguments) {
 * if no 'id' field is found, the filename field is used which we set in the 
 * setup phase. If someone changed the filename field to a nonstring we complain
 * */
-int process_getScriptId(lua_State* L, struct script_scan_result *ssr) {
+int process_getScriptId(lua_State* L, ScriptResult *sr) {

 	lua_getfield(L, -2, ID);
 	lua_getfield(L, -3, FILENAME);

 	if(lua_isstring(L, -2)) {
-		ssr->id = strdup(lua_tostring (L, -2));
+		sr->set_id(lua_tostring (L, -2));
 	} else if(lua_isstring(L, -1)) {
-		ssr->id = strdup(lua_tostring (L, -1));
+		sr->set_id(lua_tostring (L, -1));
 	} else {
 		error("%s: The script has no 'id' entry, the 'filename' entry was changed to:",
 			SCRIPT_ENGINE);
--- a/nse_main.h
+++ b/nse_main.h
@@ -13,12 +13,19 @@ extern "C" {
 #include <string.h>
 #include <iostream>

-struct script_scan_result {
-	char* id;
-	char* output;
+class ScriptResult
+{
+  private:
+    std::string output;
+    std::string id;
+  public:
+    void set_output (const char *);
+    std::string get_output (void);
+    void set_id (const char *);
+    std::string get_id (void);
 };

-typedef std::vector<struct script_scan_result> ScriptResults;
+typedef std::vector<ScriptResult> ScriptResults;

 class Target;
 int script_scan(std::vector<Target *> &targets);
--- a/output.cc
+++ b/output.cc
@@ -788,8 +788,8 @@ void printportoutput(Target *currenths, PortList *plist) {
 		for(	ssr_iter = current->scriptResults.begin(); 
 			ssr_iter != current->scriptResults.end(); 
 			ssr_iter++) {
-			char* xml_id= xml_convert((*ssr_iter).id);
-			char* xml_scriptoutput= xml_convert((*ssr_iter).output);
+			char* xml_id= xml_convert(ssr_iter->get_id().c_str());
+			char* xml_scriptoutput= xml_convert(ssr_iter->get_output().c_str());
 			log_write(LOG_XML, "<script id=\"%s\" output=\"%s\" />", 
 					xml_id, xml_scriptoutput);
 			free(xml_id);
@@ -836,11 +836,11 @@ log_write(LOG_PLAIN, "%d service%s unrecognized despite returning data. If you k
 }

 #ifndef NOLUA
-char* formatScriptOutput(struct script_scan_result ssr) {
-	char* c_result;
-	std::string result = std::string();
+char* formatScriptOutput(ScriptResult sr) {
+	std::string result = std::string(), output = sr.get_output();
 	string::size_type pos;
-
+	char *c_result, *c_output = new char[output.length()+1];
+    strncpy(c_output, output.c_str(), output.length()+1);
 	int line = 0;
 #ifdef WIN32
 	const char* sep = "\r\n";
@@ -848,10 +848,10 @@ char* formatScriptOutput(struct script_scan_result ssr) {
 	const char* sep = "\n";
 #endif
 	std::string line_prfx = "|  ";
-	
-	char* token = strtok(ssr.output, sep);

-	result += line_prfx + std::string(ssr.id) + ": ";
+	char* token = strtok(c_output, sep);
+
+	result += line_prfx + sr.get_id() + ": ";

 	while(token != NULL) {
 		if(line > 0)
@@ -872,6 +872,7 @@ char* formatScriptOutput(struct script_scan_result ssr) {
 	}
 	c_result = strdup(result.c_str());

+    delete[] c_output;
 	return c_result;
 }
 #endif /* NOLUA */
@@ -1882,8 +1883,8 @@ void printhostscriptresults(Target *currenths) {
 		log_write(LOG_XML, "<hostscript>");
 		log_write(LOG_PLAIN, "\nHost script results:\n");
 		for(iter = currenths->scriptResults.begin(); iter != currenths->scriptResults.end(); iter++) {
-			xml_id = xml_convert((*iter).id);
-			xml_scriptoutput= xml_convert((*iter).output);
+			xml_id = xml_convert(iter->get_id().c_str());
+			xml_scriptoutput= xml_convert(iter->get_output().c_str());
 			log_write(LOG_XML, "<script id=\"%s\" output=\"%s\" />", 
 					xml_id, xml_scriptoutput);
 			script_output = formatScriptOutput((*iter));
--- a/output.h
+++ b/output.h
@@ -196,7 +196,7 @@ void printosscanoutput(Target *currenths);
 void printserviceinfooutput(Target *currenths);

 void printhostscriptresults(Target *currenths);
-char* formatScriptOutput(struct script_scan_result ssr);
+char* formatScriptOutput(ScriptResult sr);

 /* Print a detailed list of Nmap interfaces and routes to
   normal/skiddy/stdout output */
--- a/portlist.cc
+++ b/portlist.cc
@@ -150,11 +150,6 @@ Port::~Port() {
   free(serviceprobe_service);
 if (serviceprobe_fp)
   free(serviceprobe_fp);
- if (o.script) {
-   ScriptResults::iterator sriter;
-   for (sriter = scriptResults.begin(); sriter != scriptResults.end(); sriter++)
-     free((*sriter).id);
- }
 }

 // Uses the sd->{product,version,extrainfo} if available to fill