Nmap Development mailing list archives
Re: NSE Libraries and Global Accesses
From: Patrick Donnelly <batrick () batbytes com>
Date: Wed, 15 Jul 2009 09:24:19 -0600
On Thu, Jul 9, 2009 at 2:34 AM, Patrick Donnelly<batrick () batbytes com> wrote:
NSE Libraries have had a difficult time lately with inappropriate (and probably accidental) use of global variables. Besides being much slower than local access, global variables (within a library) are shared by all scripts. That is, two or more scripts running some function in a library may be setting/using globals simultaneously. I of course use "simultaneously" to mean that while one script is yielded on some socket operation, another script may be changing the variables the yielded script intends to use again.
The standard Lua extension library strict.lua has been modified for our use and added to our group of libraries (r14301). This library is similar to the bash script above except runtime checking is enforced so libraries no longer use globals incorrectly. The NSEDoc comment is descriptive as to how it functions: "Checks for undeclared global variables during runtime execution. This module places the 'strict' function in the global environment. The strict function allows a script to add runtime checking so that undeclared globals cause an error to be raised. This is useful for finding accidental use of globals when local was intended. A global variable is considered 'declared' if the script makes an assignment to the global name (even nil) in the file scope." The module function is hooked so that we automatically call the strict function for each module call. This forces all the NSE libraries to only use declared globals. We catch most global access accidents at runtime without the need for the bash script announced in the OP. Of course, some code paths are not always tested so strict.lua is not a perfect replacement but definitely helps catch most cases. The strict function is also usable by scripts so Authors may catch global access mistakes while debugging scripts. One simply needs to require "strict" and call the return value like so: local strict = require "strict" strict() -- -Patrick Donnelly "Let all men know thee, but no man know thee thoroughly: Men freely ford that see the shallows." - Benjamin Franklin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE Libraries and Global Accesses Patrick Donnelly (Jul 09)
- Re: NSE Libraries and Global Accesses David Fifield (Jul 09)
- Re: NSE Libraries and Global Accesses Patrick Donnelly (Jul 15)
- Re: NSE Libraries and Global Accesses Fyodor (Jul 15)