
XML encoding fixes


From: Colin Phipps <cph () netcraft com>
Date: Fri, 5 Oct 2001 11:22:58 +0100

Some time ago we ran into problems using the XML output from nmap, because
validating XML parsers insist on correct encoding of special characters in the
data. The OS signatures in particular often contain characters like &.

Patch attached which fixes the problems we ran into. We did these some time ago
but I've only just got around to cleaning them up and submitting them.

-- 
Colin Phipps         PGP 0x689E463E     http://www.netcraft.com/
diff -pru nmap-2.54BETA29-orig/nmap.c nmap-2.54BETA29/nmap.c
--- nmap-2.54BETA29-orig/nmap.c Thu Sep 27 11:08:44 2001
+++ nmap-2.54BETA29/nmap.c      Thu Sep 27 11:17:58 2001
@@ -1033,7 +1033,12 @@ int nmap_main(int argc, char *argv[]) {
   log_write(LOG_NORMAL|LOG_MACHINE|LOG_XML, "%s (V. %s) scan initiated %s as: ", NMAP_NAME, NMAP_VERSION, mytime);
   
 
-  for(i=0; i < argc; i++) log_write(LOG_NORMAL|LOG_MACHINE|LOG_XML,"%s ", fakeargv[i]);
+  for(i=0; i < argc; i++) {
+    char *p = xml_convert(fakeargv[i]);
+    log_write(LOG_XML,"%s ", p);
+    free(p);
+    log_write(LOG_NORMAL|LOG_MACHINE,"%s ", fakeargv[i]);
+  }
   log_write(LOG_XML, "-->");
   log_write(LOG_NORMAL|LOG_MACHINE|LOG_XML,"\n");  
 
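Review bot: The loop escapes `&`, `<`, `>` and quotes in text that appears to sit inside an XML comment (the `-->` is written right after the loop), where parsers do not expand entity references, so a consumer reading the comment sees `&amp;` or `&#45;` literally instead of the original argument. Only the `--` sequence is forbidden inside a comment, so either say so at the call, e.g. `/* inside an XML comment: entities are not decoded, only "--" must be avoided */`, or record the command line in an attribute or element where the escaping round-trips. `p` is also handed to `%s` without a NULL check, which matters because xml_convert returns the result of realloc directly. nmap_main starts and ends outside the hunk.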
diff -pru nmap-2.54BETA29-orig/output.c nmap-2.54BETA29/output.c
--- nmap-2.54BETA29-orig/output.c       Fri Aug 10 06:53:08 2001
+++ nmap-2.54BETA29/output.c    Thu Sep 27 11:21:42 2001
@@ -220,6 +220,44 @@ void printportoutput(struct hoststruct *
   log_write(LOG_XML, "</ports>\n");
 }
 
+char* xml_convert (const char* str) {
+  unsigned int i;
+  char *temp, ch, prevch = 0, *p;
+  temp = malloc(strlen(str)*6+1);
+  for (p = temp;(prevch = ch, ch = *str);str++) {
+    char *a;
+    switch (ch) {
+    case '<':
+      a = "&lt;";
+      break;
+    case '>':
+      a = "&gt;";
+      break;
+    case '&':
+      a =  "&amp;";
+      break;
+    case '"':
+      a = "&quot;";
+      break;
+    case '\'':
+      a = "&apos;";
+      break;
+    case '-': 
+      if (prevch == '-') { /* Must escape -- for comments */
+        a =  "&#45;";
+        break;
+      }
+    default:
+      *p++ = ch;
+      continue;
+    }
+    strcpy(p,a); p += strlen(a);
+  }
+  *p = 0;
+  temp = realloc(temp,strlen(temp)+1);
+  return temp;
+}
+
 /* Write some information (printf style args) to the given log stream(s) */
 void log_write(int logt, const char *fmt, ...)
 {
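Review bot: `ch` is read before it is ever assigned: the loop condition `(prevch = ch, ch = *str)` copies an indeterminate `ch` into `prevch` on the first pass, so whether a leading `-` gets escaped depends on whatever was on the stack; declare it as `char *temp, ch = 0, prevch = 0, *p;`. The result of `malloc` is written through without a check, and `temp = realloc(temp, ...)` loses the original buffer if realloc fails, so test the allocation and keep the old pointer when the shrink fails (`if ((p = realloc(temp, strlen(temp)+1)) != NULL) temp = p;`). `unsigned int i` is unused, and the `case '-'` fall-through into `default` deserves a `/* fall through */` comment. Bytes that XML 1.0 does not allow at all (most control characters below 0x20) still pass through unchanged, so a validating parser can reject the output for those inputs too.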
@@ -538,14 +576,17 @@ void printosscanoutput(struct hoststruct
     
     if (currenths->FPR.overall_results == OSSCAN_SUCCESS) {
       if (currenths->FPR.num_perfect_matches > 0) {
+        char *p;
        log_write(LOG_MACHINE,"\tOS: %s",  currenths->FPR.prints[0]->OS_name);
        log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" />\n", 
-                 currenths->FPR.prints[0]->OS_name);
+                 p = xml_convert(currenths->FPR.prints[0]->OS_name));
+        free(p);
        i = 1;
        while(currenths->FPR.accuracy[i] == 1 ) {
          log_write(LOG_MACHINE,"|%s", currenths->FPR.prints[i]->OS_name);
          log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" />\n", 
-                   currenths->FPR.prints[i]->OS_name);
+                   p = xml_convert(currenths->FPR.prints[i]->OS_name));
+          free(p);
          i++;
        }
        
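Review bot: The assignment buried in the argument list, `p = xml_convert(currenths->FPR.prints[0]->OS_name))`, is easy to misread as a plain call and hides the allocation; assign on its own line first, `p = xml_convert(currenths->FPR.prints[0]->OS_name);`, then pass `p` to log_write and free it. The same pattern appears in the `while` loop just below and in the `accuracy` loop of the next hunk. None of the three sites checks `p` before handing it to `%s`, so a NULL return from xml_convert reaches the formatter. printosscanoutput starts and ends outside the hunk.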
@@ -572,10 +613,12 @@ void printosscanoutput(struct hoststruct
          for(i=1; i < 10 && currenths->FPR.num_matches > i &&
                currenths->FPR.accuracy[i] > 
                currenths->FPR.accuracy[0] - 0.10; i++) {
+            char *p;
            log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,", %s (%d%%)", currenths->FPR.prints[i]->OS_name, (int) 
(currenths->FPR.accuracy[i] * 100));
            log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"%d\" />\n", 
-                     currenths->FPR.prints[i]->OS_name,  
+                     p = xml_convert(currenths->FPR.prints[i]->OS_name),  
                      (int) (currenths->FPR.accuracy[i] * 100));
+            free(p);
          }
          log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "\n");
        }
diff -pru nmap-2.54BETA29-orig/output.h nmap-2.54BETA29/output.h
--- nmap-2.54BETA29-orig/output.h       Fri Aug 10 06:53:08 2001
+++ nmap-2.54BETA29/output.h    Thu Sep 27 11:13:03 2001
@@ -129,4 +129,5 @@ void printosscanoutput(struct hoststruct
 void printfinaloutput(int numhosts_scanned, int numhosts_up, 
                      time_t starttime);
 
+char* xml_convert (const char* str);
 #endif /* OUTPUT_H */
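Review bot: The new prototype carries no comment about ownership, although every caller in this patch has to free the result. Add something like `/* Returns a malloc()ed copy of str with XML special characters escaped; the caller must free() it */` above the declaration.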
