Nmap Development mailing list archives

Re: [RFC] Output file option for capturing service and os fingerprints


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 20 Jun 2008 21:46:47 +0000


On Thu, 19 Jun 2008 23:26:28 -0400
"Michael Pattrick" <mpattrick () rhinovirus org> wrote:

> Hey Brandon,
>
> On Thu, Jun 19, 2008 at 9:06 PM, Brandon Enright <bmenrigh () ucsd edu>
> wrote:
> > It occurs to me that if people are seriously using the servicefp=
> > attribute we should probably expand the buffer beyond 2k.  When I
> > patched Nmap to include the fingerprint I limited the
> > xml_sf_convert() routine to 2035 bytes.
>
> I went ahead and fixed this.
>
> Cheers,
> Michael

Hey Michael --

This may have had some adverse effects...

The latest SVN is segfaulting at output.cc:768.

Here's the gdb list and backtrace:

(gdb) list
763             log_write(LOG_XML, "/>");
764             if (current->owner && *current->owner) {
765               log_write(LOG_XML, "<owner name=\"%s\" />", current->owner);
766             }
767             if (getServiceXMLBuf(&sd, xmlbuf) == 0)
768               if (*xmlbuf){
769                 log_write(LOG_XML, "%s", xmlbuf);
770                     free(xmlbuf);
771                     xmlbuf=NULL;
772               }

(gdb) bt  
#0  0x000000000043aa5b in printportoutput (currenths=<value optimized out>, 
    plist=0x2a90190) at output.cc:768
#1  0x000000000041b8ce in nmap_main (argc=32, argv=0x7fff06b92f28)
    at nmap.cc:1822
#2  0x0000000000417477 in main (argc=32, argv=0x7fff06b92f28) at main.cc:224


I'll dig deeper into this if you'd like.

Brandon

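As an added illustration, not code from Nmap or from this thread: line 768 in the listing above dereferences xmlbuf as soon as getServiceXMLBuf() reports success, so any path that returns 0 without leaving a valid pointer behind faults exactly there. The sketch below keeps the shape of output.cc:767-771 but guards the pointer separately from the return code. The get_service_xml_buf() stand-in, its "0 but no buffer" case, the servicefp strings and the byte-count return value are constructed assumptions, not Nmap's actual behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for getServiceXMLBuf(): returns 0 on success
 * and stores a heap buffer through `out`; returns 0 with *out left
 * untouched when there is no fingerprint to report; returns -1 on
 * allocation failure. The "0 with no buffer" case is constructed to
 * show why a caller that trusts only the return code ends up
 * dereferencing a NULL pointer. */
static int get_service_xml_buf(const char *servicefp, char **out) {
    if (servicefp == NULL || *servicefp == '\0')
        return 0;                         /* success, nothing produced */
    size_t n = strlen(servicefp) + sizeof("<fp></fp>");
    char *buf = malloc(n);
    if (buf == NULL)
        return -1;
    snprintf(buf, n, "<fp>%s</fp>", servicefp);
    *out = buf;
    return 0;
}

/* Hardened caller with the same shape as output.cc:767-771. Returns the
 * number of bytes handed to the XML log (0 when there was nothing to
 * write, -1 on error). xmlbuf starts out NULL, is tested before the
 * equivalent of the `if (*xmlbuf)` at line 768, and is freed exactly
 * once and reset, so every path leaves it in a known state. */
static long emit_service_xml(const char *servicefp, FILE *xmlout) {
    char *xmlbuf = NULL;
    long written = 0;
    if (get_service_xml_buf(servicefp, &xmlbuf) != 0)
        return -1;
    if (xmlbuf != NULL) {                 /* guard the dereference */
        if (*xmlbuf) {
            written = (long)strlen(xmlbuf);
            if (xmlout != NULL)
                fputs(xmlbuf, xmlout);   /* stands in for log_write() */
        }
        free(xmlbuf);
        xmlbuf = NULL;
    }
    return written;
}
```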
