Re: [nmap-svn] r31378 - nmap-exp/d33tah/ncat-env-conninfo/ncat

[d33 tah <d33tah () gmail com>]

Hi Henri,

> > +    *env = (LPTSTR) safe_realloc(*env, *env_size+added_value_len);
> > +
> > +    Snprintf(*env + *env_size-1, added_value_len, "%s=%s", name, value);
> > +
> > +    *env_size += added_value_len;
> > +    (*env)[*env_size] = '\0';
> > +    (*env)[*env_size-1] = '\0';
> Why do you zero the last *two* indices? Safety? You might want to
> check/use Snprintf return value too.

As Windows MSDN docs say, the environment description string contains
a NULL-separated array of key=value strings. Its ending is marked by
two NULL bytes - probably one for the end of string, and another to
make next string zero-bytes long.

BTW, I probably should mention that - as much as I'm ashamed to admit
it - the code was written using "programming by permutation". Although
I re-read it a few times already, there might be some bug lurking
here.

> > +}
> > +
> > +static void setup_environment(struct fdinfo *info, LPTSTR* env, int *env_size)
> > +{
> > +    char *dest_addr=NULL;
> > +    char dest_port[10];
> > +    union sockaddr_u su;
> > +    unsigned short port;
> > +    char str[16];
> > +    char ip[4 * INET6_ADDRSTRLEN];
> Why is ip 4*INET6_ADDRSTRLEN?

No idea really. I copied it from here (line 1821):
http://git.savannah.gnu.org/cgit/inetutils.git/tree/src/inetd.c
I'll do some digging about what kind of buffers Ncat uses to represent
IP's - if you know the answer already, I'd be happy to hear it.

...As for the other comments: thanks, I'll change the stuff soon.

Yours,
Jacek
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/