Nmap Development mailing list archives

Re: Bug in Parallel DNS resolution in Nmap 4.50?


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 14 Jan 2008 04:38:43 +0000

I haven't chimed in about this potential bug before because I haven't
been able to reproduce it.  Until now.

It seems more than one DNS server is needed to trigger this bug.  To
test before, I would -sL scan a /17 with --randomize-hosts (16384 hosts
at a time) but the name resolution would always work.

I just tried using -iR 8192 though and was able to make it stick (every
time) at around 12%.

I have included TWO runs with back-traces below.  If I find time
during the week, I'll poke at this some more.

Brandon

<nmap hangs so I hit ^c>
Program received signal SIGINT, Interrupt.
addto_etchosts (ip=2941917123, 
    hname=0x7fffdb759740 "195-23-90-175.net.novis.pt") at nmap_dns.cc:1041
1041        for(i = 0; i < HASH_TABLE_SIZE; i++) {

(gdb) bt
#0  addto_etchosts (ip=2941917123, 
    hname=0x7fffdb759740 "195-23-90-175.net.novis.pt") at nmap_dns.cc:1041
#1  0x000000000045d5e6 in process_result (ia=2941917123, 
    result=0x7fffdb759740 "195-23-90-175.net.novis.pt", action=0, id=21650)
    at nmap_dns.cc:546
#2  0x000000000045da1b in read_evt_handler (nsp=<value optimized out>, 
    evt=<value optimized out>, nothing=<value optimized out>)
    at nmap_dns.cc:766
#3  0x0000000000476eca in msevent_dispatch_and_delete (nsp=0x10174d0, 
    nse=0x101a3a0, notify=<value optimized out>) at nsock_event.c:297
#4  0x00000000004754fd in nsock_loop (nsp=0x10174d0, msec_timeout=500)
    at nsock_core.c:907
#5  0x000000000045ccd7 in nmap_mass_rdns_core (targets=<value optimized out>, 
    num_targets=8192) at nmap_dns.cc:1234
#6  0x000000000045d319 in nmap_mass_rdns (targets=0x7773b0, num_targets=8192)
    at nmap_dns.cc:1295
#7  0x0000000000420ad7 in nexthost (hs=0x737160, exclude_group=0x0, 
    ports=<value optimized out>, pingtype=1) at targets.cc:612
#8  0x000000000041c4bf in nmap_main (argc=6, argv=0x7fffdb7606c8)
    at nmap.cc:1563
#9  0x000000000041877d in main (argc=6, argv=0x7fffdb7606c8) at main.cc:227



<nmap hangs so I hit ^c>
Program received signal SIGINT, Interrupt.
0x000000000045c0a2 in addto_etchosts (ip=1679181906, 
    hname=0x7fffed1b3190 "cc297877-b.deven1.ov.home.nl")
    at /usr/lib/gcc/x86_64-pc-linux-gnu/4.1.2/include/g++-v4/bits/stl_algo.h:188
188           while (__first != __last && !__pred(*__first))

(gdb) bt
#0  0x000000000045c0a2 in addto_etchosts (ip=1679181906, 
    hname=0x7fffed1b3190 "cc297877-b.deven1.ov.home.nl")
    at /usr/lib/gcc/x86_64-pc-linux-gnu/4.1.2/include/g++-v4/bits/stl_algo.h:188
#1  0x000000000045d5e6 in process_result (ia=1679181906, 
    result=0x7fffed1b3190 "cc297877-b.deven1.ov.home.nl", action=0, id=53399)
    at nmap_dns.cc:546
#2  0x000000000045da1b in read_evt_handler (nsp=<value optimized out>, 
    evt=<value optimized out>, nothing=<value optimized out>)
    at nmap_dns.cc:766
#3  0x0000000000476eca in msevent_dispatch_and_delete (nsp=0x10174d0, 
    nse=0x101a310, notify=<value optimized out>) at nsock_event.c:297
#4  0x00000000004754fd in nsock_loop (nsp=0x10174d0, msec_timeout=500)
    at nsock_core.c:907
#5  0x000000000045ccd7 in nmap_mass_rdns_core (targets=<value optimized out>, 
    num_targets=8192) at nmap_dns.cc:1234
#6  0x000000000045d319 in nmap_mass_rdns (targets=0x7773b0, num_targets=8192)
    at nmap_dns.cc:1295
#7  0x0000000000420ad7 in nexthost (hs=0x737160, exclude_group=0x0, 
    ports=<value optimized out>, pingtype=1) at targets.cc:612
#8  0x000000000041c4bf in nmap_main (argc=6, argv=0x7fffed1ba118)
    at nmap.cc:1563
#9  0x000000000041877d in main (argc=6, argv=0x7fffed1ba118) at main.cc:227
