Nmap Development mailing list archives
Re: [patch] Bug in httpspider.LinkExtractor
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 22 May 2012 19:26:44 +0200
On Tue, May 22, 2012 at 6:03 PM, Daniel Miller <bonsaiviking () gmail com>wrote:
List, Two bugs and a code structure improvement in this patch to the httpspider library, found while working with the http-chrono script. First bug, the LinkExtractor portion of httpspider doesn't check for a negative maxdepth (indicating no limit), and rejects all links. Second bug, the withinhost and withindomain matching functions would throw an error when presented with a URL without a host portion. Example: <a href="http://">link</a>. I threw in a test for parsed_u.host == nil, assuming that that would fail either of the checks. Lastly, the attached patch fixes moves the function definition for validate_link out of the innermost loop of the LinkExtractor.parse function. It had been declared as a closure over url, then called on the very next line. I chose to move it to a method of the LinkExtractor class, in case it should ever need to be overridden, but it could have just as easily been inlined. Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Thanks Dan! Great work. I committed the change as r28649. //Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [patch] Bug in httpspider.LinkExtractor Daniel Miller (May 22)
- Re: [patch] Bug in httpspider.LinkExtractor Patrik Karlsson (May 22)