Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Analysis of clang results for nmap main directory.
From: David Fifield <david () bamsoftware com>
Date: Thu, 14 Jun 2012 10:27:14 -0700

On Thu, Jun 14, 2012 at 01:06:01PM -0400, James Rogers wrote:
Reran clang against latest version of nmap on Tuesday, many changes
had been made since I first ran this tool and I wanted the results to
be as meaningful as possible.

Clang Report for main branch of nmap, excluding all subdirectories.
13 June 2012

Logic error   Dereference of null pointer                             nse_pcrelib.cc          272
271   res = pcre_exec(ud->pr, ud->extra, text, (int)len, startoffset, eflags,
272   ud->match, (ud->ncapt + 1) * 3);

Logic error   Dereference of null pointer                             nse_pcrelib.cc          234
233   res = pcre_exec(ud->pr, ud->extra, text, (int)elen, startoffset, eflags,
234   ud->match, (ud->ncapt + 1) * 3);

Didn't we already discuss this in http://seclists.org/nmap-dev/2012/q2/627?
This is because the analyzer doesn't realize that the luaL_argerror
within Lpcre_getargs never returns. ud cannot be NULL at this point. If
you replace luaL_argerror with exit, does this problem still get
reported? If not, then this is a false positive.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]