mirror of
https://github.com/nmap/nmap.git
synced 2025-12-15 20:29:03 +00:00
1d5f68a080
in getinterfaces. This was the cause of an overlapping memcpy reported at http://seclists.org/nmap-dev/2009/q2/0713.html. In the code, sin is a pointer that holds the address of the IP address configured for an interface. It is copied into a tmpifr.ifr_addr before each ioctl, perhaps because that is required on some platforms even though on Linux only ifr_name is needed by the ioctl. When the ioctl returns, it overwrites whatever was in ifr_addr because that member is in a union, so sin is kept in order to restore the address again before the next ioctl. In the code that handles SIOCGIFNETMASK, sin was mistakenly used as a temporary pointer and redirected to &tmpifr.ifr_addr. This caused all future memcpys before ioctl to copy tmpifr.ifr_addr to itself, rather than copying in the IP address of the interface. The throwaway sin assignment was not even used; the code that used it was modified in r2751. So now we just keep sin pointing where it should the whole time.
Here is some documentation for Nmap, but these files are much less comprehensive than what you'll find at the actual Nmap documentation site ( http://nmap.org ).