You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
packetBuffer is filled at Netdump::tcpDump, but it's with a new (std::nothrow) ... and Netdump::tcpDump is called anyway.
That means if new (std::nothrow) ... returns a null pointer because it's out of memory UB will happen.
I'm prepared to provide a PR to fix it, but I don't know the best way to do this. Should I just check at Netdump::tcpDumpProcess if packetBuffer is filled and return early? Is there a way to warn the user? And I'm not really sure what is the appropriate cleanup code, or if a return; is sufficient.
The text was updated successfully, but these errors were encountered:
Basic Infos
Problem Description
At libraries/Netdump.cpp
packetBufferis dereferenced without checking fornullptr.packetBufferis filled at Netdump::tcpDump, but it's with anew (std::nothrow) ...andNetdump::tcpDumpis called anyway.That means if
new (std::nothrow) ...returns a null pointer because it's out of memory UB will happen.I'm prepared to provide a PR to fix it, but I don't know the best way to do this. Should I just check at
Netdump::tcpDumpProcessifpacketBufferis filled and return early? Is there a way to warn the user? And I'm not really sure what is the appropriate cleanup code, or if areturn;is sufficient.The text was updated successfully, but these errors were encountered: