Re: More nsock socket_count_write_dec assert() failures

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 25 Jan 2010 23:49:19 -0800
Brandon Enright <bmenrigh () ucsd edu> wrote:

[...snip...]
> I know tracking this problem down is going to be exceptionally
> difficult so I also have the output of doing this scan with "-v -v -d9
> - --packet-trace --script-trace" which should help.  I also have the
> output of doing the same while using strace.  I also have a PCAP.  I
> can't make these files available publicly though as the machine being
> scanned here is involved with processing credit cards.  Within reason
> I can make the files available privately.
>
> I'm happy to apply a patch that prints useful debugging info.
>
> If any more hosts show up triggering this assert() I'll send a note
> along.
>
> Brandon


I finally narrowed this down to a handful of hosts.  I then narrowed
the assert() failure to the http-enum script.


$ sudo ./nmap --datadir . -sC --script="http-e*" -p 443 -d -v -v -T5 -PN <host>

Starting Nmap 5.20 ( http://nmap.org ) at 2010-02-05 23:30 UTC
[...]
Discovered open port 443/tcp on <host>
[...]
Initiating NSE at 23:30
NSE: NSE Script Threads (1) running:
NSE: Starting http-enum against <host>:443.
NSE: http-enum: Attempting to parse fingerprint file nselib/data/http-fingerprints
NSE: http-enum: Added 71 entries from file nselib/data/http-fingerprints
NSE: http-enum: Attempting to parse fingerprint file nselib/data/yokoso-fingerprints
NSE: http-enum: Added 88 entries from file nselib/data/yokoso-fingerprints
NSE: Final http cache size (15 bytes) of max size of 1000000
NSE: HTTP: Host returns proper 404 result.
NSE: Final http cache size (33 bytes) of max size of 1000000
NSE: HTTP: Didn't receive expected response to HEAD request (got 401 Unauthorized
).
NSE: Checking if a GET request is going to work out
NSE: Final http cache size (51 bytes) of max size of 1000000
NSE: Root directory requires authentication (401 Unauthorized
), scans may not work
NSE: http-enum.nse: Searching for entries under path '' (change with 'path' argument)
NSE: Total number of pipelined requests: 159
NSE: Number of requests allowed by pipeline: 1
nmap: nsock_core.c:199: socket_count_write_dec: Assertion `(iod->writesd_count) > 0' failed.
Aborted


I can reproduce this issue every time.  I'm willing to apply and test
patches that provide an avalanche of debugging output if
that will help.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAktsq2cACgkQqaGPzAsl94JVKACfUk9UXuBCvU/D2FeYMrTFPh0c
13cAn1wTi5p1AvMJhIjnNZrvKjLlqJXL
=HNi7
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/