Nmap Development mailing list archives
found a resource leak in file nmap-5.0/libpap/pcap-dlpi.c
From: "Martin Ettl" <ettl.martin () gmx de>
Date: Fri, 17 Jul 2009 10:14:56 +0200
Hello friends,

I have checked the sources of nmap-5.00 with the static code analysis tool cppcheck (http://cppcheck.wiki.sourceforge.net/). It found a resource leak in file nmap-5.0/libpap/pcap-dlpi.c at line 1097 in function pcap_platform_finddevs(...). The tool prints the following output:

    /nmap-5.00/libpcap/pcap-dlpi.c,1097,error,Resource leak: fd

Take a look at the source:

    ....
    int
    pcap_platform_finddevs(pcap_if_t **alldevsp, char *errbuf)
    {
    #ifdef HAVE_SOLARIS
        int fd;
        union {
            u_int nunits;
            char pad[516];  /* XXX - must be at least 513; is 516 in "atmgetunits" */
        } buf;
        char baname[2+1+1];
        u_int i;

        /*
         * We may have to do special magic to get ATM devices.
         */
        if ((fd = open("/dev/ba", O_RDWR)) < 0) {
            /*
             * We couldn't open the "ba" device.
             * For now, just give up; perhaps we should
             * return an error if the problem is neither
             * a "that device doesn't exist" error (ENOENT,
             * ENXIO, etc.) or a "you're not allowed to do
             * that" error (EPERM, EACCES).
             */
            return (0);
        }

        if (strioctl(fd, A_GET_UNITS, sizeof(buf), (char *)&buf) < 0) {
            snprintf(errbuf, PCAP_ERRBUF_SIZE, "A_GET_UNITS: %s",
                pcap_strerror(errno));
            return (-1);
        }
        for (i = 0; i < buf.nunits; i++) {
            snprintf(baname, sizeof baname, "ba%u", i);
            if (pcap_add_if(alldevsp, baname, 0, NULL, errbuf) < 0)
                return (-1);
        }
    #endif

        return (0);
    }
    ...

As you can see, the file pointer is not closed before the function returns (-1). A possible way out might be using the following modified version:

    int
    pcap_platform_finddevs(pcap_if_t **alldevsp, char *errbuf)
    {
    #ifdef HAVE_SOLARIS
        int fd;
        union {
            u_int nunits;
            char pad[516];  /* XXX - must be at least 513; is 516 in "atmgetunits" */
        } buf;
        char baname[2+1+1];
        u_int i;

        /*
         * We may have to do special magic to get ATM devices.
         */
        if ((fd = open("/dev/ba", O_RDWR)) < 0) {
            /*
             * We couldn't open the "ba" device.
             * For now, just give up; perhaps we should
             * return an error if the problem is neither
             * a "that device doesn't exist" error (ENOENT,
             * ENXIO, etc.) or a "you're not allowed to do
             * that" error (EPERM, EACCES).
             */
            return (0);
        }

        if (strioctl(fd, A_GET_UNITS, sizeof(buf), (char *)&buf) < 0) {
            snprintf(errbuf, PCAP_ERRBUF_SIZE, "A_GET_UNITS: %s",
                pcap_strerror(errno));
            close(fd);  /* fd is an int from open(), so close() rather than fclose() */
            return (-1);
        }
        for (i = 0; i < buf.nunits; i++) {
            snprintf(baname, sizeof baname, "ba%u", i);
            if (pcap_add_if(alldevsp, baname, 0, NULL, errbuf) < 0) {
                close(fd);  /* release the descriptor on this error return too */
                return (-1);
            }
        }
    #endif

        return (0);
    }

Best regards

Ettl Martin

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
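The class of bug reported above (a descriptor from open() left open on early returns) is commonly avoided with a single exit path. The following is an added example, not code from the post or from libpcap: /dev/null stands in for /dev/ba, get_units() and add_if() are hypothetical stand-ins for strioctl() and pcap_add_if(), and lowest_free_fd() is a helper invented here to observe whether a descriptor leaked.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#define DEV_PATH "/dev/null" /* assumption: stands in for /dev/ba */

/* Hypothetical stand-in for strioctl(fd, A_GET_UNITS, ...). */
static int get_units(int fd, unsigned *nunits, int fail) {
    *nunits = 3; /* constructed sample value */
    return (fail || fd < 0) ? -1 : 0;
}

/* Hypothetical stand-in for pcap_add_if(); fails on unit number fail_at. */
static int add_if(const char *name, unsigned unit, int fail_at) {
    return (name[0] == '\0' || (int)unit == fail_at) ? -1 : 0;
}

/* Single exit path: every return after a successful open() closes fd. */
int finddevs(int fail_ioctl, int fail_at) {
    char name[16];
    unsigned i, nunits = 0;
    int ret = -1, fd = open(DEV_PATH, O_RDWR);
    if (fd < 0)
        return 0; /* nothing was opened, nothing to release */
    if (get_units(fd, &nunits, fail_ioctl) < 0)
        goto out;
    for (i = 0; i < nunits; i++) {
        snprintf(name, sizeof name, "ba%u", i);
        if (add_if(name, i, fail_at) < 0)
            goto out;
    }
    ret = 0;
out:
    close(fd); /* fd is an int from open(), so close() is the matching call */
    return ret;
}

/* Lowest unused descriptor number; it rises when a descriptor has leaked. */
int lowest_free_fd(void) {
    int fd = open(DEV_PATH, O_RDONLY);
    if (fd >= 0)
        close(fd);
    return fd;
}

int main(void) {
    int before = lowest_free_fd();
    finddevs(1, -1), finddevs(0, 1); /* exercise both error paths */
    printf("leaked: %s\n", lowest_free_fd() == before ? "no" : "yes");
    return 0;
}
```

Because open() always returns the lowest unused descriptor number, an unchanged lowest_free_fd() after repeated failing calls shows that no path skipped the close().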