2 tiny bugs in sqlmap
I was at SecTalks-Canberra tonight and a workshop was being given on SQL injection. The speaker was talking about sqlmap, so instead of spending the time doing the actual workshop content, which was quite good, I thought I would have a quick look at the sqlmap code.

sqlmap/extra/icmpsh/icmpsh-s.c

    int main(int argc, char **argv)
    {
        ...
        unsigned int max_data_size;
        ...
        // parse command line options
        for (opt = 1; opt < argc; opt++) {
            if (argv[opt][0] == '-') {
                switch(argv[opt][1]) {
                    ...
                    case 's':
                        if (opt + 1 < argc) {
                            max_data_size = atol(argv[opt + 1]);
                        }
                        break;
                    ...
        in_buf = (char *) malloc(max_data_size + ICMP_HEADERS_SIZE);
        out_buf = (char