mirror of
https://github.com/nmap/nmap.git
synced 2025-12-10 17:59:04 +00:00
Change a little over 10 malloc()s and realloc()s to their safe_* equivalents (which let's us get rid a two checks on the returned mem elsewhere in the code).
This commit is contained in:
kris
2
main.cc
2
main.cc
@@ -373,7 +373,7 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
} else {
|
||||
fakeargc = 1;
|
||||
fakeargv = (char **) malloc(sizeof(char *) * 2);
|
||||
fakeargv = (char **) safe_malloc(sizeof(char *) * 2);
|
||||
fakeargv[0] = nmappath;
|
||||
fakeargv[1] = NULL;
|
||||
}
|
||||
|
||||
@@ -222,7 +222,7 @@ static struct AVal *fingerprint_iptcppacket(struct ip *ip, int mss, u32 syn) {
|
||||
char *p,*q;
|
||||
struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
|
||||
|
||||
AVs = (struct AVal *) malloc(6 * sizeof(struct AVal));
|
||||
AVs = (struct AVal *) safe_malloc(6 * sizeof(struct AVal));
|
||||
|
||||
/* Link them together */
|
||||
AVs[0].next = &AVs[1];
|
||||
|
||||
@@ -731,7 +731,7 @@ char* formatScriptOutput(struct script_scan_result ssr) {
|
||||
char* xml_convert (const char* str) {
|
||||
char *temp, ch=0, prevch = 0, *p;
|
||||
int strl = strlen(str);
|
||||
temp = (char *) malloc(strl*6+1);
|
||||
temp = (char *) safe_malloc(strl*6+1);
|
||||
char *end = temp + strl * 6 + 1;
|
||||
for (p = temp;(prevch = ch, ch = *str);str++) {
|
||||
char *a;
|
||||
@@ -764,7 +764,7 @@ char* xml_convert (const char* str) {
|
||||
Strncpy(p,a, end - p - 1); p += strlen(a); // SAFE
|
||||
}
|
||||
*p = 0;
|
||||
temp = (char *) realloc(temp,strlen(temp)+1);
|
||||
temp = (char *) safe_realloc(temp,strlen(temp)+1);
|
||||
return temp;
|
||||
}
|
||||
|
||||
|
||||
@@ -1601,8 +1601,7 @@ int ServiceNFO::currentprobe_timemsleft(const struct timeval *now) {
|
||||
}
|
||||
|
||||
void ServiceNFO::appendtocurrentproberesponse(const u8 *respstr, int respstrlen) {
|
||||
currentresp = (u8 *) realloc(currentresp, currentresplen + respstrlen);
|
||||
assert(currentresp);
|
||||
currentresp = (u8 *) safe_realloc(currentresp, currentresplen + respstrlen);
|
||||
memcpy(currentresp + currentresplen, respstr, respstrlen);
|
||||
currentresplen += respstrlen;
|
||||
}
|
||||
|
||||
17
tcpip.cc
17
tcpip.cc
@@ -1986,10 +1986,7 @@ if (timedout) {
|
||||
}
|
||||
*len = head.caplen - offset;
|
||||
if (*len > alignedbufsz) {
|
||||
alignedbuf = (char *) realloc(alignedbuf, *len);
|
||||
if (!alignedbuf) {
|
||||
fatal("Unable to realloc %d bytes of mem", *len);
|
||||
}
|
||||
alignedbuf = (char *) safe_realloc(alignedbuf, *len);
|
||||
alignedbufsz = *len;
|
||||
}
|
||||
memcpy(alignedbuf, p, *len);
|
||||
@@ -2508,8 +2505,8 @@ static int collect_dnet_routes(const struct route_entry *entry, void *arg) {
|
||||
/* Make sure we have room for the new route */
|
||||
if (dcrn->numroutes >= dcrn->capacity) {
|
||||
dcrn->capacity <<= 2;
|
||||
dcrn->routes = (struct sys_route *) realloc(dcrn->routes,
|
||||
dcrn->capacity * sizeof(struct sys_route));
|
||||
dcrn->routes = (struct sys_route *) safe_realloc(dcrn->routes,
|
||||
dcrn->capacity * sizeof(struct sys_route));
|
||||
}
|
||||
|
||||
/* Now for the important business */
|
||||
@@ -2544,8 +2541,8 @@ static int collect_dnet_interfaces(const struct intf_entry *entry, void *arg) {
|
||||
/* Make sure we have room for the new route */
|
||||
if (dcrn->numifaces >= dcrn->capacity) {
|
||||
dcrn->capacity <<= 2;
|
||||
dcrn->ifaces = (struct interface_info *) realloc(dcrn->ifaces,
|
||||
dcrn->capacity * sizeof(struct interface_info));
|
||||
dcrn->ifaces = (struct interface_info *) safe_realloc(dcrn->ifaces,
|
||||
dcrn->capacity * sizeof(struct interface_info));
|
||||
}
|
||||
if (entry->intf_addr.addr_type == ADDR_TYPE_IP) {
|
||||
addr_ntos(&entry->intf_addr, (struct sockaddr *) &dcrn->ifaces[numifaces].addr);
|
||||
@@ -2750,7 +2747,7 @@ int sd;
|
||||
numifaces++;
|
||||
if (numifaces == ii_capacity) {
|
||||
ii_capacity <<= 2;
|
||||
mydevs = (struct interface_info *) realloc(mydevs, sizeof(struct interface_info) * ii_capacity);
|
||||
mydevs = (struct interface_info *) safe_realloc(mydevs, sizeof(struct interface_info) * ii_capacity);
|
||||
assert(mydevs);
|
||||
}
|
||||
mydevs[numifaces].devname[0] = mydevs[numifaces].devfullname[0] = '\0';
|
||||
@@ -2924,7 +2921,7 @@ struct sys_route *getsysroutes(int *howmany) {
|
||||
numroutes++;
|
||||
if (numroutes >= route_capacity) {
|
||||
route_capacity <<= 2;
|
||||
routes = (struct sys_route *) realloc(routes, route_capacity * sizeof(struct sys_route));
|
||||
routes = (struct sys_route *) safe_realloc(routes, route_capacity * sizeof(struct sys_route));
|
||||
}
|
||||
}
|
||||
} else {
|
||||
|
||||
6
utils.cc
6
utils.cc
@@ -312,8 +312,8 @@ else if (num_elem < 65536)
|
||||
bpe = sizeof(unsigned short);
|
||||
else bpe = sizeof(unsigned int);
|
||||
|
||||
bytes = (unsigned char *) malloc(bpe * num_elem);
|
||||
tmp = (unsigned char *) malloc(elem_sz);
|
||||
bytes = (unsigned char *) safe_malloc(bpe * num_elem);
|
||||
tmp = (unsigned char *) safe_malloc(elem_sz);
|
||||
|
||||
get_random_bytes(bytes, bpe * num_elem);
|
||||
cptr = bytes;
|
||||
@@ -406,7 +406,7 @@ int arg_parse(const char *command, char ***argv) {
|
||||
if (Strncpy(mycommand, command, 4096) == -1) {
|
||||
return -1;
|
||||
}
|
||||
myargv = (char **) malloc((MAX_PARSE_ARGS + 2) * sizeof(char *));
|
||||
myargv = (char **) safe_malloc((MAX_PARSE_ARGS + 2) * sizeof(char *));
|
||||
memset(myargv, 0, (MAX_PARSE_ARGS+2) * sizeof(char *));
|
||||
myargv[0] = (char *) 0x123456; /* Integrity checker */
|
||||
myargv++;
|
||||
|
||||
Reference in New Issue
Block a user