PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: PenTest:6637d76846175169fe3003c50189ec4b3bb925c6
Branches Tags
PenTest:master PenTest:revert-2402-master
...
compare: PenTest:b2cdb23fc0c9219c8413e3b906736dc10f398bc8
Branches Tags
PenTest:master PenTest:revert-2402-master

5 Commits
6637d76846 ... b2cdb23fc0

Author SHA1 Message Date
dmiller
b2cdb23fc0 Cast wider before shifting. 2025-07-15 18:25:09 +00:00
dmiller
117329a5e4 Also check lower bound for attr cast to int 2025-07-15 18:24:40 +00:00
dmiller
c40965039b Check length of format option before accessing 2025-07-15 18:23:47 +00:00
dmiller
d91d876905 Avoid dereferencing freed pointer 2025-07-15 18:22:27 +00:00
dmiller
b6c3989259 Fix incorrect macro definition for eth_handle_close on Windows 2025-07-15 17:48:34 +00:00
5 changed files with 9 additions and 5 deletions
Expand all files Collapse all files

2
MACLookup.cc
View File

@@ -188,7 +188,7 @@ const char *MACPrefix2Corp(const u8 *prefix) {
mac_prefix_init(); mac_prefix_init();
/* MA-S: 36 bits (9 nibbles)*/ /* MA-S: 36 bits (9 nibbles)*/
key = ((u64)prefix[0] << 28) + (prefix[1] << 20) + (prefix[2] << 12) + (prefix[3] << 4) + (prefix[4] >> 4); key = ((u64)prefix[0] << 28) + ((u64)prefix[1] << 20) + ((u64)prefix[2] << 12) + ((u64)prefix[3] << 4) + (prefix[4] >> 4);
corp = findMACEntry(((u64)9 << 36) + key); corp = findMACEntry(((u64)9 << 36) + key);
if (corp) if (corp)
return corp; return corp;

2
libnetutil/netutil.cc
View File

@@ -975,7 +975,7 @@ int netutil_eth_datalink(const netutil_eth_t *e) {
#ifdef WIN32 #ifdef WIN32
#define eth_handle(_eth) (_eth->pt) #define eth_handle(_eth) (_eth->pt)
#define eth_handle_send pcap_inject #define eth_handle_send pcap_inject
#define eth_handle_close eth_close #define eth_handle_close pcap_close
#else #else
#define eth_handle(_eth) (_eth->ethsd) #define eth_handle(_eth) (_eth->ethsd)
#define eth_handle_send eth_send #define eth_handle_send eth_send

3
nse_libssh2.cc
View File

@@ -850,6 +850,7 @@ struct request_context {
static int channel_request (lua_State *L, int status, lua_KContext ctx) { static int channel_request (lua_State *L, int status, lua_KContext ctx) {
int rc; int rc;
request_context *req_ctx = (request_context *)ctx; request_context *req_ctx = (request_context *)ctx;
const char* request_str = req_ctx->request;
DO_OR_YIELD((rc = libssh2_channel_process_startup(req_ctx->channel, DO_OR_YIELD((rc = libssh2_channel_process_startup(req_ctx->channel,
req_ctx->request, req_ctx->request_len, req_ctx->request, req_ctx->request_len,
@@ -859,7 +860,7 @@ static int channel_request (lua_State *L, int status, lua_KContext ctx) {
free(req_ctx); free(req_ctx);
if (rc != 0) if (rc != 0)
return luaL_error(L, "Error sending %s request", req_ctx->request); return luaL_error(L, "Error sending %s request", request_str);
return 0; return 0;
} }

5
nse_zlib.cc
View File

@@ -564,7 +564,10 @@ static int lzstream_decompress(lua_State *L) {
success = (l == 0) ? lz_test_eof(L, s) : lz_read_chars(L, s, l); success = (l == 0) ? lz_test_eof(L, s) : lz_read_chars(L, s, l);
} }
else { else {
const char *p = lua_tostring(L, n); size_t l;
const char *p = lua_tolstring(L, n, &l);
if (l < 2)
return luaL_argerror(L, n, "invalid format");
luaL_argcheck(L, p && p[0] == '*', n, "invalid option"); luaL_argcheck(L, p && p[0] == '*', n, "invalid option");
switch (p[1]) { switch (p[1]) {
case 'l': /* line */ case 'l': /* line */

2
osscan.h
View File

@@ -245,7 +245,7 @@ struct ObservationPrint {
FingerPrintScan scan_info; FingerPrintScan scan_info;
std::vector<FingerTest> extra_tests; std::vector<FingerTest> extra_tests;
const char *getInfo(FingerPrintScan::Attribute attr) const { const char *getInfo(FingerPrintScan::Attribute attr) const {
if (attr >= FingerPrintScan::MAX_ATTR) if (attr >= FingerPrintScan::MAX_ATTR || attr < 0)
return NULL; return NULL;
return scan_info.values[static_cast<int>(attr)]; return scan_info.values[static_cast<int>(attr)];
} }