Nmap Development mailing list archives

Re: New patch for XML output


From: David Fifield <david () bamsoftware com>
Date: Fri, 14 Dec 2007 00:32:45 -0700

On Wed, Dec 12, 2007 at 07:35:25AM -0300, João Medeiros wrote:
    Later I saw that the osfingerprint write code doesn't use
xml_converter. So I did that and cut the starting '\n'. The patch for
Nmap 4.49RC7 is attached.

--- nmap-4.49RC7/output.cc      2007-10-27 21:05:03.000000000 -0300
+++ nmap-4.49RC7/output.cc.new  2007-12-12 07:18:26.000000000 -0300
@@ -798,6 +798,15 @@
   for (p = temp;(prevch = ch, ch = *str);str++) {
     char *a;
     switch (ch) {
+    case '\t':
+      a = "&#x9;";
+      break;
+    case '\r':
+      a = "&#xd;";
+      break;
+    case '\n':
+      a = "&#xa;";
+      break;
     case '<':
       a = "&lt;";
       break;
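
Review bot: The three new cases for '\t', '\r' and '\n' carry no comment saying why whitespace is being turned into character references, and because they sit in the shared escaping switch they change the output of every caller, not only the osfingerprint attribute. Literal tabs and line breaks are well-formed inside attribute values, but an XML parser normalizes them to spaces when it reads the attribute, whereas &#x9;, &#xd; and &#xa; are preserved. If preserving the line structure of an attribute value is the goal, say so in a comment above the cases; if it is not, the cases can be dropped.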

I don't see any reason to escape '\t', '\r', and '\n'. Even inside
attribute values they are okay.

@@ -1559,11 +1568,11 @@
   } else { assert(0); }
   
   if (o.debugging || o.verbose) {
-    log_write(LOG_XML,"<osfingerprint fingerprint=\"\n%s\" />\n", 
-             mergeFPs(FPR->FPs, FPR->numFPs, false,
+    log_write(LOG_XML,"<osfingerprint fingerprint=\"%s\" />\n", 
+             xml_convert(mergeFPs(FPR->FPs, FPR->numFPs, false,
                       currenths->v4hostip(), distance, currenths->MACAddress(),
                       FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport,
-                      false));
+                      false)));
   }
   
   log_write(LOG_XML, "</os>\n");
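
Review bot: The result of xml_convert(...) is passed straight into log_write as an argument, so the call site never holds the returned pointer and has no way to release it afterwards. If xml_convert hands back allocated memory, this leaks on every host logged with debugging or verbose set. Assign the result to a local char *, pass that to log_write, and free it after the call. Separately, dropping the "\n" after fingerprint=\" changes the existing XML output, which deserves a mention in the patch description.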

xml_convert returns a pointer to dynamically allocated memory so you
have to call free on it after using.

OS fingerprints can't contain any forbidden characters at the moment,
but it's better to be safe than sorry. I committed a modified patch that
frees the allocated memory and doesn't remove the initial newline (I
think it looks better to keep it).

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
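
The ownership point in the reply above (an escaper that returns allocated memory must have its result freed by the caller), as an added example that is not Nmap's code or the committed patch. `escape_xml_attr` and `write_osfingerprint` are hypothetical names, and the fingerprint string is constructed sample input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical escaper, not Nmap's xml_convert. Returns a malloc'd
   string that the caller must free, or NULL if allocation fails. */
char *escape_xml_attr(const char *s) {
  /* Longest replacement is 6 bytes ("&quot;"), so 6*len+1 always fits. */
  char *out = malloc(strlen(s) * 6 + 1);
  char *p = out;
  if (out == NULL)
    return NULL;
  for (; *s != '\0'; s++) {
    const char *rep = NULL;
    switch (*s) {
    case '<': rep = "&lt;";   break;
    case '>': rep = "&gt;";   break;
    case '&': rep = "&amp;";  break;
    case '"': rep = "&quot;"; break;
    }
    if (rep != NULL) {
      memcpy(p, rep, strlen(rep));
      p += strlen(rep);
    } else {
      *p++ = *s;
    }
  }
  *p = '\0';
  return out;
}

/* Formats the element into buf (snprintf return semantics), or returns -1
   if allocation fails. The escaped copy is kept in a local so it can be freed. */
int write_osfingerprint(char *buf, size_t buflen, const char *fp) {
  char *esc = escape_xml_attr(fp);
  int n;
  if (esc == NULL)
    return -1;
  n = snprintf(buf, buflen, "<osfingerprint fingerprint=\"%s\" />\n", esc);
  free(esc); /* not possible when the call is nested in the argument list */
  return n;
}

int main(void) {
  char buf[256];
  /* Constructed sample input, not a real Nmap fingerprint. */
  if (write_osfingerprint(buf, sizeof buf, "\nSCAN(V=a&b)\nT1(R=\"Y\")") > 0)
    fputs(buf, stdout);
  return 0;
}
```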

