Integer overflow in parse of max_ips_to_scan

**Describe the bug**
Integer overflow in parse of max_ips_to_scan
max_ips_to_scan defined as ```unsigned int max_ips_to_scan; // Used for Random input (-iR) to specify how``` in [NmapOps.h](https://github.com/nmap/nmap/blob/43e70c09d2b310a967fd52352db0ad5fd8877447/NmapOps.h#L229)
but use as ulong ```o.max_ips_to_scan = strtoul(optarg, &endptr, 10);``` in [nmap.cc](https://github.com/nmap/nmap/blob/43e70c09d2b310a967fd52352db0ad5fd8877447/nmap.cc#L932)

**To Reproduce**
```nmap -iR 2147483647``` works fine, ```nmap -iR 2147483648``` parsed 0 target.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Integer overflow in parse of max_ips_to_scan #2838

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Integer overflow in parse of max_ips_to_scan #2838

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions