Re: Analysis of clang results for nmap main directory.
From: David Fifield <david () bamsoftware com>
Date: Thu, 14 Jun 2012 10:27:14 -0700

On Thu, Jun 14, 2012 at 01:06:01PM -0400, James Rogers wrote:
> Reran clang against latest version of nmap on Tuesday, many changes
> had been made since I first ran this tool and I wanted the results to
> be as meaningful as possible.
>
> Clang Report for main branch of nmap, excluding all subdirectories.
> 13 June 2012
>
> Logic error Dereference of null pointer nse_pcrelib.cc 272
> 271 res = pcre_exec(ud->pr, ud->extra, text, (int)len, startoffset, eflags,
> 272 ud->match, (ud->ncapt + 1) * 3);
>
> Logic error Dereference of null pointer nse_pcrelib.cc 234
> 233 res = pcre_exec(ud->pr, ud->extra, text, (int)elen, startoffset, eflags,
> 234 ud->match, (ud->ncapt + 1) * 3);

Didn't we already discuss this in http://seclists.org/nmap-dev/2012/q2/627?
This is because the analyzer doesn't realize that the luaL_argerror
within Lpcre_getargs never returns. ud cannot be NULL at this point. If
you replace luaL_argerror with exit, does this problem still get
reported? If not, then this is a false positive.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
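
The pattern discussed in the message above, reduced to a stand-alone C file. This is an added example, not code from nmap, Lua or the original thread: arg_error, check_ud, get_args and ovector_size are hypothetical stand-ins, and longjmp is assumed as the way the error function leaves its caller. It shows the noreturn attribute as one way to state on the declaration that an error function never returns, which is the fact the analyzer needs when the function body lives in another translation unit.

```c
#include <setjmp.h>
#include <stddef.h>

/* Hypothetical stand-in for the userdata that the argument parser fills in. */
struct userdata {
    int ncapt;   /* number of capture groups */
    int *match;  /* offset vector, unused in this sketch */
};

static jmp_buf error_jmp;

/* Stand-in for an error function that leaves via a non-local jump.
 * The attribute tells the compiler and clang's analyzer that control
 * never comes back to the call site. */
__attribute__((noreturn))
static void arg_error(int code)
{
    longjmp(error_jmp, code);
}

/* Returns the pointer unchanged, or never returns if it is NULL. */
static struct userdata *check_ud(struct userdata *candidate)
{
    if (candidate == NULL)
        arg_error(1);          /* no path continues past this call */
    return candidate;
}

/* Stand-in for the argument parser: on return, *ud is never NULL. */
static void get_args(struct userdata *candidate, struct userdata **ud)
{
    *ud = check_ud(candidate);
}

/* Computes the offset-vector size the same way the flagged lines do.
 * Returns -1 when the argument check rejected the input. */
int ovector_size(struct userdata *candidate)
{
    struct userdata *ud = NULL;

    if (setjmp(error_jmp) != 0)
        return -1;             /* reached only through arg_error() */

    get_args(candidate, &ud);
    return (ud->ncapt + 1) * 3;  /* ud is non-NULL on every path here */
}
```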