[Winpcap-bugs] Re: [Winpcap-team] Bug report winpcap v3.1,
AddAdapter function in AdInfo.c
Loris Degioanni
loris.degioanni at gmail.com
Sat Sep 10 00:13:02 GMT 2005
Real,
I just applied your patches and checked them in the WinPcap CVS. Thanks
for your help!
Loris
Real Blanchet wrote:
> Hi,
> I would like to report 2 bugs found using windows 2003 and winpcap v3.1.
>
> In file winpcap\packetNtx\Dll\AdInfo.c
>
> 1.
> line 749, PacketCloseAdapter(adapter) crashes the application when
> TmpAdInfo == NULL and flags != INFO_FLAG_DONT_EXPORT,
> I added flags validation
> --------------------------------------------
> TmpAdInfo = GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,
> sizeof(ADAPTER_INFO));
> if (TmpAdInfo == NULL)
> {
> ODS("AddAdapter: GlobalAlloc Failed\n");
> ++ if(flags != INFO_FLAG_DONT_EXPORT)
> ++ {
> GlobalFreePtr(OidData);
> PacketCloseAdapter(adapter);
> ++ }
> ReleaseMutex(AdaptersInfoMutex);
> return FALSE;
> }
> --------------------------------------------
>
>
> 2.
> line 713, UAdName is never freed (leaks) for flags != INFO_FLAG_DONT_EXPORT
> I moved UAdName = SChar2WChar(AdName); inside flags !=
> INFO_FLAG_DONT_EXPORT condition
> --------------------------------------------
> -- UAdName = SChar2WChar(AdName);
>
> //here we could have released the mutex, but what happens if two
> threads try to add the same adapter?
> //The adapter would be duplicated on the linked list
>
> if(flags != INFO_FLAG_DONT_EXPORT)
> {
> ++ UAdName = SChar2WChar(AdName);
> // Try to Open the adapter
> adapter = PacketOpenAdapterNPF((PCHAR)UAdName);
>
> GlobalFreePtr(UAdName);
>
> if(adapter == NULL)
> {
> // We are not able to open this adapter. Skip to the next one.
> ReleaseMutex(AdaptersInfoMutex);
> return FALSE;
> }
> --------------------------------------------
>
> I hope this will help.
>
> Best regards,
> Real
>
>
More information about the Winpcap-bugs
mailing list