Nmap Development mailing list archives

Re: -p option doesn't reject certain invalid inputs


From: doug () hcsw org
Date: Wed, 28 May 2008 15:27:16 -0700

On Wed, May 28, 2008 at 08:49:22AM -0600 or thereabouts, David Fifield wrote:
> I found that the -p option doesn't reject stray ] characters in its
> input, and in fact ignores anything after it finds one.

Thanks for finding this. I just committed a tiny patch that adds
better error checking:

$ svn diff nmap.cc
Index: nmap.cc
===================================================================
--- nmap.cc     (revision 7740)
+++ nmap.cc     (working copy)
@@ -2321,7 +2321,10 @@
     /* Find the next range */
     while(isspace((int) *current_range)) current_range++;

-    if (*current_range == ']') return;
+    if (*current_range == ']') {
+      if (!nested) fatal("Unexpected ] character in port/protocol specification");
+      return;
+    }

     if (*current_range && *current_range != ',') {
       fatal("Error #488: Your port specifications are illegal.  Example of proper form: \"%s\"", syntax_example);
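
Review bot: the new fatal() on the `if (!nested)` line names the stray ] but, unlike the Error #488 call a few lines below, gives the user neither an example of a valid specification nor any hint of where in the input the character was found. Consider passing syntax_example the way the neighbouring call does, so both rejection paths report in the same form. A short comment on the `return` noting that ] is only legal as the close of a nested range would also help, since the visible lines do not show whether the caller validates what follows the ] in the nested case.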


Doug
