Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: ncat minor patches
From: David Fifield <david () bamsoftware com>
Date: Fri, 24 Apr 2009 11:46:23 -0600

On Fri, Apr 24, 2009 at 09:12:00PM +0300, ithilgore wrote:
I 've been reading through the ncat code and made some minor fixes
on some things that I stumbled upon. 

1. Replaced all instances of sys_wrap's Malloc with nbase's safe_malloc,
since safe_malloc does essentially the same thing and is used throughout
all of nmap's codebase.

2. Replaced all instances of strdup with sys_wrap's Strdup for consistency.

3. Removed a redundant check in ncat_main.c 

    /* Set the default to IPv4 if not explicitly specified. */
    if (o.af != AF_INET && o.af != AF_INET6)
        o.af = AF_INET;

o.af is initialized to AF_INET with options_init() which is called in the
beginning of main()

These changes all look good to me.

In addition, I think all atoi instances should be replaced with something
like strtol since atoi is deprecated and doesn't do any error-checking for
input that is not actually a digit.

I agree. There is a function parse_long in util.c that does integer
parsing using strtol. It allows only nonnegative decimal integers, with
no preceding whitespace or sign. It's intended for things like port
number parsing, where "1.2.3.4: 80" and "1.2.3.4:+80" should be syntax
errors, but it is also appropriate for things like the argument to
--max-conns, currently parsed with atoi.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault