Nmap Development mailing list archives
Re: [NSE] Bug in get_info() socket info (was bug in broadcast-dns-service-discovery and dnssd.lua)
From: David Fifield <david () bamsoftware com>
Date: Thu, 9 Jun 2011 10:30:17 -0700
On Thu, Jun 09, 2011 at 06:27:22PM +0100, Djalal Harouni wrote:
On Thu, Jun 09, 2011 at 08:50:21AM -0500, Daniel Miller wrote:

Hey list,

There was one more issue that I was not able to address: With the patch applied, broadcast-dns-service-discovery does not error out, but the results it returns are very strange:

Pre-scan script results:
| broadcast-dns-service-discovery:
| ::a00:8cee:0:0
| 9/tcp workstation
| Address=192.168.1.14 2002:62be:b3c6:0:211:2fff:fed7:d902
| 9/tcp workstation
| Address=192.168.1.17 2002:62be:b3c6:0:224:81fd:fe60:9b3
| 9/tcp workstation
| Address=192.168.1.19 fe80:0:0:0:a800:4ff:fe01:a04
| 9/tcp workstation
| Address=192.168.1.18 fe80:0:0:0:225:b3ff:fe6c:7986
| ::a00:c3e5:0:0
| 22/tcp udisks-ssh
|_ Address=192.168.1.18 fe80:0:0:0:225:b3ff:fe6c:7986

I can't explain those ::a00:XXXX:0:0 addresses. They change every time the script is invoked, but the results are always grouped according to port/service, rather than IP, as they should be.

Hi Dan,

After a quick look it seems that this is a bug in the NSE get_info() function. A patch is attached; it should handle IPv6 addresses.

--
tixxdz
http://opendz.org
Index: nse_nsock.cc =================================================================== --- nse_nsock.cc (revision 23761) +++ nse_nsock.cc (working copy) @@ -737,13 +737,14 @@ int status; int protocol; // tcp or udp int af; // address family - struct sockaddr local; - struct sockaddr remote; + struct sockaddr_storage local; + struct sockaddr_storage remote; char *ipstring_local = (char *) lua_newuserdata(L, sizeof(char) * INET6_ADDRSTRLEN); char *ipstring_remote = (char *) lua_newuserdata(L, sizeof(char) * INET6_ADDRSTRLEN); status = nsi_getlastcommunicationinfo(nu->nsiod, &protocol, &af, - &local, &remote, sizeof(sockaddr)); + (struct sockaddr*)&local, (struct sockaddr*)&remote, + sizeof(struct sockaddr_storage));
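Review bot: `local` and `remote` are still declared without an initializer at the top of the hunk, so if nsi_getlastcommunicationinfo() fails or fills fewer than sizeof(struct sockaddr_storage) bytes, any later code that formats them into ipstring_local/ipstring_remote reads leftover stack bytes. Zero both with memset before the call and check `status` before the buffers are used. Minor style point in the same call: the new casts are written `(struct sockaddr*)&local`, while the `(char *)` casts just above put a space before the `*`.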
Using sockaddr there is definitely a bug. Please commit your patch, Djalal.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
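Why a buffer sized as `struct sockaddr`, as in the pre-patch code above, cannot carry an IPv6 address, shown as an added example (not code from Nmap or from this thread). `copy_capped` and `roundtrip` are hypothetical helpers, and the destination is zeroed so the truncation is deterministic rather than stack-dependent.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical stand-in for an API that writes at most `cap` bytes of an address. */
static void copy_capped(const void *src, size_t srclen, void *dst, size_t cap)
{
    memcpy(dst, src, srclen < cap ? srclen : cap);
}

/* Format by address family, as a caller must do with sockaddr_storage. */
static const char *addr_to_str(const struct sockaddr_storage *ss,
                               char *out, socklen_t outlen)
{
    if (ss->ss_family == AF_INET)
        return inet_ntop(AF_INET, &((const struct sockaddr_in *)ss)->sin_addr, out, outlen);
    if (ss->ss_family == AF_INET6)
        return inet_ntop(AF_INET6, &((const struct sockaddr_in6 *)ss)->sin6_addr, out, outlen);
    return NULL;
}

/* Pass IPv6 literal `text` through a buffer limited to `cap` bytes.
 * The backing store is full-size and zeroed so the demo stays memory-safe. */
static int roundtrip(const char *text, size_t cap, char *out, socklen_t outlen)
{
    struct sockaddr_in6 src;
    struct sockaddr_storage dst;
    memset(&src, 0, sizeof src);
    memset(&dst, 0, sizeof dst);
    src.sin6_family = AF_INET6;
    if (inet_pton(AF_INET6, text, &src.sin6_addr) != 1)
        return -1;
    copy_capped(&src, sizeof src, &dst, cap);
    return addr_to_str(&dst, out, outlen) ? 0 : -1;
}

int main(void)
{
    const char *addr = "2002:62be:b3c6:0:211:2fff:fed7:d902"; /* from the quoted output */
    char buf[INET6_ADDRSTRLEN];
    if (roundtrip(addr, sizeof(struct sockaddr), buf, sizeof buf) == 0)
        printf("sockaddr cap:         %s\n", buf);
    if (roundtrip(addr, sizeof(struct sockaddr_storage), buf, sizeof buf) == 0)
        printf("sockaddr_storage cap: %s\n", buf);
}
```

With the `struct sockaddr` cap only the first 8 bytes of the 16-byte IPv6 address survive; in real code the remaining bytes come from whatever sits next to the undersized buffer.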