PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-30 11:29:01 +00:00
Code Issues Projects Releases Wiki Activity

Fix a use-after-free in idle and ftp bounce scans

Browse Source 
PortList::forgetPort in verbose mode tries to print details on a Port
after it has been deleted. This function is only called in idle and ftp
bounce scans. Reported by Mak Kolybabi:
http://seclists.org/nmap-dev/2015/q1/129
This commit is contained in:
dmiller
2015-02-04 20:46:10 +00:00
parent 5c486b83cb
commit 29174ba87d
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
portlist.cc
View File

@@ -721,8 +721,6 @@ int PortList::forgetPort(u16 portno, u8 protocol) {
state_counts_proto[protocol][answer->state]--;
state_counts_proto[protocol][default_port_state[protocol].state]++;
delete answer;
port_list[protocol][portno] = NULL;
if (o.verbose) {
@@ -732,6 +730,7 @@ int PortList::forgetPort(u16 portno, u8 protocol) {
log_flush(LOG_STDOUT);
}
delete answer;
return 0;
}