Nmap Development mailing list archives
Re: [NSE][patch] Fix bugs in http.lua and sslcert.lua
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 15 Jun 2012 12:08:05 +0200
On Mon, Jun 11, 2012 at 6:19 PM, Daniel Miller <bonsaiviking () gmail com>wrote:
Hey List, 2 more bugs, with patches this time. First, parse_redirect in http.lua sometimes returns a url table without a path attribute, especially when parsing headers like this: Location: http://google.com The exceptions happened in several different scripts: ./nselib/http.lua:952: attempt to concatenate local 'path' (a nil value)stack traceback: ./nselib/http.lua:952: in function 'lookup_cache' ./nselib/http.lua:1395: in function 'get' ./scripts/http-auth.nse:54: in function <./scripts/http-auth.nse:49> (...tail calls...) ./nselib/http.lua:952: attempt to concatenate local 'path' (a nil value) stack traceback: ./nselib/http.lua:952: in function 'lookup_cache' ./nselib/http.lua:1395: in function 'get' ./scripts/http-title.nse:51: in function <./scripts/http-title.nse:47> (...tail calls...) ./nselib/http.lua:952: attempt to concatenate local 'path' (a nil value) stack traceback: ./nselib/http.lua:952: in function 'lookup_cache' ./nselib/http.lua:1395: in function 'get' ./scripts/http-title.nse:51: in function <./scripts/http-title.nse:47> (...tail calls...)Here is the fix: If u.path is not set, assume the root path ("/") Index: nselib/http.lua ==============================**==============================**======= --- nselib/http.lua (revision 28903) +++ nselib/http.lua (working copy) @@ -1334,6 +1334,9 @@ u.host, u.port = stdnse.get_hostname(host), port.number u.path = ((u.path:sub(1,1) == "/" and "" ) or "/" ) .. u.path -- ensuring leading slash end + if ( not(u.path) ) then + u.path = "/" + end if ( u.query ) then u.path = ("%s?%s"):format( u.path, u.query ) end The other bug was in sslcert.lua, and resulted in this exception: ./scripts/ssl-cert.nse:135: attempt to index local 'cert' (a nil value)stack traceback: ./scripts/ssl-cert.nse:135: in function 'parseCertificate' ./scripts/ssl-cert.nse:168: in function <./scripts/ssl-cert.nse:162> (...tail calls...)The cert is returned a few lines earlier from sslcert.getCertificate(), which is supposed to return a false status on failure. I added a check for a nil certificate to that function, and returned false in that case: Index: nselib/sslcert.lua ==============================**==============================**======= --- nselib/sslcert.lua (revision 28903) +++ nselib/sslcert.lua (working copy) @@ -200,7 +200,10 @@ end end local cert = socket:get_ssl_certificate() - + if cert == nil then + return false, "Unable to get cert" + end + host.registry["ssl-cert"] = host.registry["ssl-cert"] or {} host.registry["ssl-cert"][**port.number] = host.registry["ssl-cert"][**port.number] or {} host.registry["ssl-cert"][**port.number] = cert This should be the last of my bugfixes for today! Sorry for the flood of messages. Dan ______________________________**_________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/**mailman/listinfo/nmap-dev<http://cgi.insecure.org/mailman/listinfo/nmap-dev> Archived at http://seclists.org/nmap-dev/
Thanks for the fixes! Commited as r28943. //Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE][patch] Fix bugs in http.lua and sslcert.lua Daniel Miller (Jun 11)
- Re: [NSE][patch] Fix bugs in http.lua and sslcert.lua Patrik Karlsson (Jun 15)