Bounce scan: avoid array overrun (read) by checking index instead

nmap · Jul 29, 2016 · 09eef55 · 09eef55
1 parent b6dfce6
commit 09eef55
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/nmap_ftp.cc b/nmap_ftp.cc
@@ -339,7 +339,7 @@ void bounce_scan(Target *target, u16 *portarray, int numports,
  } else {
  error("Your FTP bounce server doesn't allow privileged ports, skipping them.");
  while (i < numports && portarray[i] < 1024) i++;
- if (!portarray[i]) {
+ if (i >= numports) {
  fatal("And you didn't want to scan any unprivileged ports. Giving up.");
  }
  }