Nmap Development mailing list archives

Re: Completed Lua 5.3 upgrade!

From: Patrick Donnelly <batrick () batbytes com>
Date: Sun, 26 Jun 2016 12:05:49 -0400

On Sun, Jun 26, 2016 at 8:16 AM, Daniel Miller <bonsaiviking () gmail com> wrote:

A couple more...

1. nmap-lua53/nselib/bin.lua:91: attempt to index a number value (field '?')
stack traceback:
        /home/miller/nmap/nmap-lua53/nselib/bin.lua:91: in function
</home/miller/nmap/nmap-lua53/nselib/bin.lua:78>
        [C]: in function 'string.gsub'
        /home/miller/nmap/nmap-lua53/nselib/bin.lua:135: in function
'bin.pack'
        /home/miller/nmap/nmap-lua53/nselib/pgsql.lua:525: in field
'sendStartup'
        /home/miller/nmap/nmap-lua53/nselib/pgsql.lua:610: in function
'pgsql.detectVersion'
        /home/miller/nmap/nmap-lua53/scripts/pgsql-brute.nse:89: in function
</home/miller/nmap/nmap-lua53/scripts/pgsql-brute.nse:72>
        (...tail calls...)

The line is: data = bin.pack(">IzzzzH", proto_ver, "user", user, "database",
database, 0)
So we could probably change the "H" specifier to "x", but there's still a
bug somewhere.


Fixed in the branch. Thanks!

2. nmap-lua53/nselib/stdnse.lua:87: bad argument #2 to 'format' (number has
no integer representation)
stack traceback:
        [C]: in function 'string.format'
        /home/miller/nmap/nmap-lua53/nselib/stdnse.lua:87: in function
'stdnse.debug'
        (...tail calls...)
        .../miller/nmap/nmap-lua53/scripts/http-slowloris-check.nse:153: in
function <.../miller/nmap/nmap-lua53/scripts/http-slowloris-check.nse:67>
        (...tail calls...)

Line is:
  local diff = TimeWith - TimeWithout
  stdnse.debug1("Time difference is: %d",diff)

Not sure what's wrong here, since both values come from nmap.clock(), which
should be a Unix timestamp. The difference should be easy to represent as an
integer. This might be a bug in the script and not really a problem with Lua
5.3 integration; please let me know.


Ugh, that might become a brutally common bug. The script's intention
is to truncate the number to an integer but Lua no longer allows that
via an integer specifier. Instead scripts should use "%.f". I'll look
around and fix the ones I find.

-- 
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: Completed Lua 5.3 upgrade!, (continued)
- - Re: Completed Lua 5.3 upgrade! Daniel Miller (Jun 18)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 18)
  - Re: Completed Lua 5.3 upgrade! Daniel Miller (Jun 18)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 18)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 18)
  - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 25)
    - Re: Completed Lua 5.3 upgrade! Jacek Wielemborek (Jun 25)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 26)
    - Re: Completed Lua 5.3 upgrade! Daniel Miller (Jun 25)
    - Re: Completed Lua 5.3 upgrade! Daniel Miller (Jun 26)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 26)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 26)
    - Re: Completed Lua 5.3 upgrade! Paulino Calderon (Jun 25)
    - Re: Completed Lua 5.3 upgrade! Patrick Donnelly (Jun 26)