Hi,
I found a potential bug in the nasl_open_privileged_socket function that
could make it run improperly.
Here is the function, and I made some comments on the right side:
static tree_cell * nasl_open_privileged_socket(lex_ctxt * lexic, int proto)
{
  int sport, current_sport = -1;
  ...
  if(sport < 0) current_sport = 1023;  /* <----- here should have an else
                                          statement, like: "else current_sport = sport;",
                                          otherwise if sport>0, the first line under
                                          tryagain below will always fail */
  ...
tryagain :
  if ( current_sport < 128 ) return NULL;  /* <----- here will always fail if sport>0 */
  e = set_socket_source_addr(sock, sport > 0 ? sport : current_sport--);
  ...
}
Please confirm if this is a bug or just my misunderstanding. Thanks!
Regards
Jingyu
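
A small model of the control flow in the excerpt above, added here as an illustration; it is not part of the original message or of the project's code. The names pick_source_port, try_bind and NO_SOCKET are hypothetical, and the behaviour after a failed bind is an assumption, since the elided lines are not shown.

```c
#include <stdio.h>

#define NO_SOCKET (-1) /* stands in for the function returning NULL */

/* Constructed stand-in for set_socket_source_addr(): ports above
 * highest_free are treated as already in use, so binding them fails. */
static int try_bind(int port, int highest_free)
{
    return port <= highest_free ? 0 : -1;
}

/* Model of the excerpt. Returns the source port that was bound, or NO_SOCKET.
 * with_else = 0: code as posted; 1: with the proposed else branch added. */
static int pick_source_port(int sport, int with_else, int highest_free)
{
    int current_sport = -1;

    if (sport < 0)
        current_sport = 1023;
    else if (with_else)
        current_sport = sport; /* the proposed "else current_sport = sport;" */

    for (;;) { /* plays the role of the "tryagain:" label */
        int port;

        if (current_sport < 128)
            return NO_SOCKET;
        port = sport > 0 ? sport : current_sport--;
        if (try_bind(port, highest_free) == 0)
            return port;
        if (sport > 0)
            return NO_SOCKET; /* assumption: a caller-chosen port is not retried */
        /* assumption: otherwise a failed bind jumps back to tryagain */
    }
}

int main(void)
{
    printf("sport=-1  as posted : %d\n", pick_source_port(-1, 0, 1000));
    printf("sport=600 as posted : %d\n", pick_source_port(600, 0, 1023));
    printf("sport=600 with else : %d\n", pick_source_port(600, 1, 1023));
    printf("sport=100 with else : %d\n", pick_source_port(100, 1, 1023));
    return 0;
}
```

In this model the last call still returns NO_SOCKET: with the else branch added, a requested port below 128 is rejected by the same current_sport < 128 check.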