PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

Avoid NULL ptr deref crash if pcre_study returns NULL. Fixes #1302

Browse Source
This commit is contained in:
dmiller
2018-08-10 17:12:19 +00:00
parent 302954fb3f
commit c3113037b0
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
service_scan.cc
View File

@@ -485,10 +485,19 @@ void ServiceProbeMatch::InitMatch(const char *matchtext, int lineno) {
fatal("%s: illegal regexp on line %d of nmap-service-probes (at regexp offset %d): %s\n", __func__, lineno, pcre_erroffset, pcre_errptr); fatal("%s: illegal regexp on line %d of nmap-service-probes (at regexp offset %d): %s\n", __func__, lineno, pcre_erroffset, pcre_errptr);
// Now study the regexp for greater efficiency // Now study the regexp for greater efficiency
regex_extra = pcre_study(regex_compiled, 0, &pcre_errptr); regex_extra = pcre_study(regex_compiled, 0
#ifdef PCRE_STUDY_EXTRA_NEEDED
| PCRE_STUDY_EXTRA_NEEDED
#endif
, &pcre_errptr);
if (pcre_errptr != NULL) if (pcre_errptr != NULL)
fatal("%s: failed to pcre_study regexp on line %d of nmap-service-probes: %s\n", __func__, lineno, pcre_errptr); fatal("%s: failed to pcre_study regexp on line %d of nmap-service-probes: %s\n", __func__, lineno, pcre_errptr);
if (!regex_extra) {
regex_extra = (pcre_extra *) pcre_malloc(sizeof(pcre_extra));
memset(regex_extra, 0, sizeof(pcre_extra));
}
// Set some limits to avoid evil match cases. // Set some limits to avoid evil match cases.
// These are flexible; if they cause problems, increase them. // These are flexible; if they cause problems, increase them.
#ifdef PCRE_ERROR_MATCHLIMIT #ifdef PCRE_ERROR_MATCHLIMIT