Nmap Development mailing list archives

[Exp PATCH] Consolidation bug in traceroute

From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 16 Apr 2007 10:27:40 -0500

Hey everyone,

I was playing with --traceroute, and found a bug that pops up when
consolidating (but not every time).  I attached a patch that works for
me (/nmap-exp/kris SVN r4658), and the rest of the email explains what
the bug is.


Here's the "bad" output:


Interesting ports on 72.14.207.99:
PORT   STATE SERVICE
80/tcp open  http

TRACEROUTE (using port 80/tcp)
HOP RTT    ADDRESS
1   1.60   192.168.10.1
2   56.55  68.216.200.149
3   57.91  68.216.200.101
4   66.60  205.152.241.150
5   61.61  65.83.239.52
6   66.94  65.83.236.38
7   65.27  65.83.238.35
8   65.61  65.83.236.60
9   66.61  65.83.237.223
10  67.01  66.249.95.167
11  79.14  72.14.238.139
12  84.84  66.249.94.234
13  89.13  72.14.236.213
14  97.43  72.14.233.115
15  114.54 72.14.236.130
16  103.71 72.14.236.130
17  104.58 72.14.207.99

Interesting ports on 65.83.239.52:
PORT   STATE  SERVICE
80/tcp closed http

TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1



The traceroute output just leaves "1" on the second host, without any
other hops or consolidated output.

With debugging enabled, it works fine:



Interesting ports on 64.233.167.99:
PORT   STATE SERVICE
80/tcp open  http

TRACEROUTE (using port 80/tcp)
HOP RTT    ADDRESS
1   1.53   192.168.10.1
2   53.88  68.216.200.149
3   56.58  68.216.200.101
4   123.37 205.152.241.150
5   63.57  65.83.239.52
6   67.31  65.83.236.38
7   67.17  65.83.238.35
8   65.49  65.83.236.60
9   67.99  65.83.237.223
10  67.58  72.14.236.12
11  88.10  64.233.175.98
12  92.30  72.14.232.53
13  99.22  64.233.175.26
14  91.15  64.233.167.99


Interesting ports on 65.83.239.52:
PORT   STATE  SERVICE
80/tcp closed http

TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1   --  192.168.10.1
2   --  68.216.200.149
3   --  68.216.200.101
4   --  205.152.241.150
5   --  65.83.239.52



All of the hops are taken from the reference trace, as it should.

Here's the output after the patch:



Interesting ports on 64.233.187.99:
PORT   STATE SERVICE
80/tcp open  http

TRACEROUTE (using port 80/tcp)
HOP RTT   ADDRESS
1   1.56  192.168.10.1
2   58.26 68.216.200.149
3   56.17 68.216.200.101
4   66.46 205.152.241.150
5   62.83 65.83.239.52
6   65.95 65.83.236.38
7   64.85 65.83.238.35
8   67.67 65.83.236.60
9   69.29 65.83.237.223
10  68.31 72.14.236.12
11  72.86 216.239.49.45
12  71.50 72.14.236.19
13  72.84 216.239.49.226
14  70.03 64.233.187.99

Interesting ports on 65.83.239.52:
PORT   STATE  SERVICE
80/tcp closed http

TRACEROUTE (using port 80/tcp)
HOP RTT   ADDRESS
1   --> 5


It's all taken from the reference trace, and consolidated.


I *think* the bug only occurs when all of the hops are taken from the
reference, but I'm not entirely sure.  That's the only time it has
happened to me.


Well, please test and let me know what you think!


Thanks,
Kris Katterjohn

Index: traceroute.cc
===================================================================
--- traceroute.cc       (revision 4657)
+++ traceroute.cc       (revision 4658)
@@ -977,8 +977,19 @@
         }
 
         /* If we cannot find a traceprobe we are probably still consolidating */
-        if ((it = tg->TraceProbes.find (ttl_count)) == tg->TraceProbes.end ())
-            continue;
+        if ((it = tg->TraceProbes.find (ttl_count)) == tg->TraceProbes.end ()) {
+               if (common_consolidation && ttl_count == tg->hopDistance) {
+                       if(ttl_count-2 == 1) {
+                               Tbl->addItemFormatted(row_count, RTT_COL, false, "--");
+                               Tbl->addItemFormatted(row_count, HOST_COL,false,  "%s", 
hostStr(commonPath[ttl_count-2]));
+                       } else {
+                               Tbl->addItemFormatted(row_count, RTT_COL, false, "--> %d", ttl_count-2);
+                       }
+                       break;
+               }
+
+               continue;
+       }
         /* Here we consolidate the probe that first matched the common path */
         if (ttl_count <= tg->consolidation_start)
             continue;

Attachment: signature.asc
Description: OpenPGP digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

[Exp PATCH] Consolidation bug in traceroute Kris Katterjohn (Apr 16)
- Re: [Exp PATCH] Consolidation bug in traceroute Eddie Bell (Apr 16)
  - Re: [Exp PATCH] Consolidation bug in traceroute Kris Katterjohn (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Eddie Bell (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Kris Katterjohn (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Eddie Bell (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Kris Katterjohn (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Eddie Bell (Apr 16)
    - Re: [Exp PATCH] Consolidation bug in traceroute Kris Katterjohn (Apr 16)
- Re: [Exp PATCH] Consolidation bug in traceroute Fyodor (Apr 24)