Nmap Development mailing list archives

nmap-5.20 on x86_64 Segmentation fault


From: Gunnar Lindberg <Gunnar.Lindberg () chalmers se>
Date: Fri, 22 Jan 2010 17:32:10 +0100 (MET)

./nmap 129.16.x.y
Starting Nmap 5.20
Segmentation fault

./nmap -n 129.16.x.y
OK

# uname -a
Linux wilfer.cdg.chalmers.se 2.6.18-164.10.1.el5 #1 SMP Wed Dec 30 18:35:28 EST 2009 x86_64 x86_64 x86_64 GNU/Linux
Red Hat Enterprise Linux Client release 5.4 (Tikanga)

gdb backtrace
#0  0x00000000004692dd in nmap_mass_rdns_core (targets=0x1742ac00,
    num_targets=1) at nmap_dns.cc:1160
#1  0x0000000000469e06 in nmap_mass_rdns (targets=0x1742acc0, num_targets=1)
    at nmap_dns.cc:1315
#2  0x00000000004232d6 in nexthost (hs=0x1742a820, exclude_group=0x0,
    ports=0x7fffb07dfa70, pingtype=122) at targets.cc:582
#3  0x000000000041ec29 in nmap_main (argc=2, argv=0x7fffb07e2e38)
    at nmap.cc:1720
#4  0x000000000041a799 in main (argc=2, argv=0x7fffb07e2e38) at main.cc:205
I added some printf()

nmap-5.20/nmap_dns.cc:
static void nmap_mass_rdns_core(Target **targets, int num_targets) {
...
fprintf(stderr, "1a *targets=<%X>\n",*targets);
  init_servs();
fprintf(stderr, "1b *targets=<%X>\n",*targets);
...

Result:
1a *targets=<135A5CD0>
1b *targets=<0>

My 0.01 SEK is that something goes wrong when trying to make use of
    struct sockaddr_storage *
in get_dns_servers() and that that later on leads to corrupt data.

        Gunnar Lindberg, Chalmers University of Technology

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
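The hypothesis above concerns how a struct sockaddr_storage pointer is used in get_dns_servers(). As an added illustration that is not code from nmap or from the reporter, the block below shows the family-sized copy pattern a reviewer would check such code against: the destination is always a full sockaddr_storage, the number of bytes copied is taken from the address family rather than from sizeof the destination, and unknown families are rejected instead of copied. The thread does not identify the actual defect, so this is the general check, not the fix. The function names (copy_sockaddr, parse_addr, addr_copy_len, parse_family) and the sample addresses are constructed for this example.

```c
/* Added example (not nmap's code): copy a socket address into a
 * struct sockaddr_storage using the size that matches its family, so the
 * copy can neither write past the destination nor read past the source. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Byte length of a sockaddr for the families we accept, 0 for anything else. */
static socklen_t sockaddr_len(const struct sockaddr *sa) {
    switch (sa->sa_family) {
    case AF_INET:  return sizeof(struct sockaddr_in);
    case AF_INET6: return sizeof(struct sockaddr_in6);
    default:       return 0;
    }
}

/* Copy src into dst. Returns the number of bytes copied, or 0 if the family
 * is unsupported. dst is zeroed first so its trailing bytes are defined. */
socklen_t copy_sockaddr(struct sockaddr_storage *dst, const struct sockaddr *src) {
    socklen_t len = sockaddr_len(src);
    if (len == 0 || len > sizeof(*dst))
        return 0;
    memset(dst, 0, sizeof(*dst));
    memcpy(dst, src, len);
    return len;
}

/* Parse a textual IPv4 or IPv6 address into out. Returns the address family,
 * or 0 if the text is not an address we accept. */
int parse_addr(struct sockaddr_storage *out, const char *text) {
    struct sockaddr_in sin;
    struct sockaddr_in6 sin6;
    memset(&sin, 0, sizeof sin);
    memset(&sin6, 0, sizeof sin6);
    if (inet_pton(AF_INET, text, &sin.sin_addr) == 1) {
        sin.sin_family = AF_INET;
        return copy_sockaddr(out, (struct sockaddr *)&sin) ? AF_INET : 0;
    }
    if (inet_pton(AF_INET6, text, &sin6.sin6_addr) == 1) {
        sin6.sin6_family = AF_INET6;
        return copy_sockaddr(out, (struct sockaddr *)&sin6) ? AF_INET6 : 0;
    }
    return 0;
}

/* Convenience wrappers that return checkable values for a given text. */
unsigned addr_copy_len(const char *text) {
    struct sockaddr_storage ss;
    if (parse_addr(&ss, text) == 0)
        return 0;
    return (unsigned)sockaddr_len((struct sockaddr *)&ss);
}

int parse_family(const char *text) {
    struct sockaddr_storage ss;
    return parse_addr(&ss, text);
}

int main(void) {
    struct sockaddr_storage ss;
    /* 192.0.2.1 is a documentation address, constructed for this example. */
    int fam = parse_addr(&ss, "192.0.2.1");
    printf("family=%d copied=%u bytes\n", fam, addr_copy_len("192.0.2.1"));
    /* Print pointers with %p, not %X: %X takes an int's worth of the
     * argument, so on x86_64 only the low 32 bits of a pointer appear. */
    printf("storage at %p\n", (void *)&ss);
    return 0;
}
```

The point of addr_copy_len is that the copied size is derived from the family of the source, never from sizeof(struct sockaddr_storage); copying a full sockaddr_storage out of a buffer that only holds a sockaddr_in is the kind of over-read that shows up later as corrupted neighbouring data.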

