Re: error semantics of faulty dependencies

[Patrick Donnelly <batrick () batbytes com>]

On Thu, Feb 3, 2011 at 12:23 PM, Ron <ron () skullsecurity net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 31 Jan 2011 02:31:20 -0800 David Fifield <david () bamsoftware com> wrote:
> > On Thu, Jan 27, 2011 at 04:38:54PM +0200, Toni Ruottu wrote:
> > > We just had a case on nmap-dev where a programmer accidentally
> > > stated dependencies = {"script-name.nse"}
> > > which is wrong. The correct way is to leave out the file extension.
> > > So dependencies = {"script-name"}
> > > would have been correct.
> > >
> > > I have done the same error myself, and I can tell you it is really
> > > hard to debug. Could nmap be modified to include some sort of check
> > > that would catch these errors and give a clear error message when
> > > run with debugging flags?
> >
> > I think we could either 1) show a warning when a dependency ends in
> > ".nse", or 2) allow dependencies to end in ".nse". If someone has a
> > patch for either one I'll apply it.
> >
> > David Fifield
> I think an even better option is to print a warning (or halt with an error) if a dependency doesn't exist.

This was part of the initial design for dependencies [1]. We
eventually decided to not have strong dependencies because of
questionable usefulness.

[1] http://seclists.org/nmap-dev/2009/q4/295

-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/