Merge pull request #253 from crondaemon/ccc-analyzer

ccc-analyzer code audit fixes
2025-08-21 13:53:59 -07:00 · 2017-08-19 06:20:39 +02:00 · 2017-08-19 06:20:39 +02:00 · 24f1a929c1
commit 24f1a929c1
parent ad8f77bbf1 0ed3bef2db
6 changed files with 13 additions and 13 deletions
--- a/hydra-cisco.c
+++ b/hydra-cisco.c
@ -127,7 +127,7 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
    switch (run) {
    case 1:                    /* connect and service init function */
      {
-        unsigned char *buf2;
+        unsigned char *buf2 = NULL;
        int32_t f = 0;

        if (sock >= 0)
@ -151,9 +151,10 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
          hydra_child_exit(1);
        }
        do {
-          if (f != 0)
+          if (f != 0) {
            free(buf2);
-          else
+            buf2 = NULL;
+          } else
            f = 1;
          if ((buf2 = (unsigned char *) hydra_receive_line(sock)) == NULL) {
            if (failc < retry) {
@ -169,7 +170,7 @@ void service_cisco(char *ip, int32_t sp, unsigned char options, char *miscptr, F
          }
          if (buf2 != NULL && hydra_strcasestr((char*)buf2, "ress ENTER") != NULL)
            hydra_send(sock, "\r\n", 2, 0);
-        } while (strstr((char *) buf2, "assw") == NULL);
+        } while (buf2 != NULL && strstr((char *) buf2, "assw") == NULL);
        free(buf2);
        if (next_run != 0)
          break;
--- a/hydra-mod.c
+++ b/hydra-mod.c
@ -288,9 +288,9 @@ int32_t internal__hydra_connect(char *host, int32_t port, int32_t protocol, int3
          if (debug)
            printf("DEBUG_CONNECT_PROXY_OK\n");
        } else {
-          if (debug)
+          if (debug && tmpptr)
            printf("DEBUG_CONNECT_PROXY_FAILED (Code: %c%c%c)\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));
-          if (verbose)
+          if (verbose && tmpptr)
            fprintf(stderr, "[ERROR] CONNECT call to proxy failed with code %c%c%c\n", *tmpptr, *(tmpptr + 1), *(tmpptr + 2));
          err = 1;
        }
@ -948,7 +948,6 @@ char *hydra_receive_line(int32_t socket) {
  } else {
    if (debug)
      printf("[DEBUG] hydra_data_ready_timed: %d, waittime: %d, conwait: %d, socket: %d\n", i, waittime, conwait, socket);
-    i = 0;
  }

  if (got < 0) {
--- a/hydra-radmin2.c
+++ b/hydra-radmin2.c
@ -86,7 +86,7 @@ char *message2buffer(struct rmessage *msg) {

  switch(msg->type) {
    case 0x1b: //Challenge request
-      data = calloc (10, sizeof(unsigned char));
+      data = (char *)calloc (10, sizeof(char));
      if(data == NULL) {
        hydra_report(stderr, "calloc failure\n");
        hydra_child_exit(0);
@ -97,7 +97,7 @@ char *message2buffer(struct rmessage *msg) {
      memcpy((data+9), &msg->type, sizeof(char));
      break;
    case 0x09:
-      data = calloc (42, sizeof(unsigned char));
+      data = (char *)calloc (42, sizeof(char));
      if(data == NULL) {
        hydra_report(stderr, "calloc failure\n");
        hydra_child_exit(0);
--- a/hydra-vmauthd.c
+++ b/hydra-vmauthd.c
@ -108,8 +108,8 @@ void service_vmauthd(char *ip, int32_t sp, unsigned char options, char *miscptr,
        hydra_child_exit(2);
      }
      if ((strstr(buf, "Version 1.00") == NULL) && (strstr(buf, "Version 1.10") == NULL)) {
-        free(buf);
        hydra_report(stderr, "[ERROR] this vmware authd protocol is not supported, please report: %s\n", buf);
+        free(buf);
        hydra_child_exit(2);
      }
      //by default this service is waiting for ssl connections      
--- a/hydra-vnc.c
+++ b/hydra-vnc.c
@ -135,8 +135,8 @@ int32_t start_vnc(int32_t s, char *ip, int32_t port, unsigned char options, char
      return 3;
    return 1;
  default:
-    free(buf);
    hydra_report(stderr, "[ERROR] unknown VNC server security result %d\n", buf[3]);
+    free(buf);
    return 1;
  }

--- a/hydra.c
+++ b/hydra.c
@ -894,7 +894,7 @@ void hydra_restore_read() {
  if (debug)
    printf("[DEBUG] reading restore file: Step 10 complete\n");

-  hydra_targets = malloc((hydra_brains.targets + 3) * sizeof(hydra_targets));
+  hydra_targets = (hydra_target **) malloc((hydra_brains.targets + 3) * sizeof(hydra_target*));
  for (j = 0; j < hydra_brains.targets; j++) {
    hydra_targets[j] = malloc(sizeof(hydra_target));
    fck = (int32_t) fread(hydra_targets[j], sizeof(hydra_target), 1, f);
@ -3397,7 +3397,7 @@ int32_t main(int32_t argc, char *argv[]) {
      four_from = (addr4 & l);
      l = 1 << (32 - k);
      hydra_brains.targets = countservers = l;
-      hydra_targets = malloc(sizeof(hydra_target*) * (l + 2) + 8);
+      hydra_targets = (hydra_target**)malloc(sizeof(hydra_target*) * (l + 2) + 8);
      if (hydra_targets == NULL)
        bail("Could not allocate enough memory for target data");
      i = 0;