Nmap Development mailing list archives

Re: Persistent NSE registry


From: David Fifield <david () bamsoftware com>
Date: Tue, 18 Nov 2008 19:40:46 -0700

On Tue, Nov 18, 2008 at 12:11:31AM -0700, David Fifield wrote:
Currently the NSE registry doesn't persist across host groups, the
chunks of varying size that Nmap processes sequentially. You can see
this by running an experiment like

      nmap --script=whois -sP --max-hostgroup 3 stanford.edu/28

whois.nse caches results in the registry. The whois results are the same
for each host, so ideally you should see the results for one host and
all the rest should say "See the result for 171.67.22.XX." But because
we've limited the size of host groups to 3, every third host requires a
whois query and prints duplicate information.

I made a simple change to keep the registry in between host groups. I'm
posting it here to solicit comments and see if there are any side
effects. All I do is initialize a single Lua state the first time
script_scan is called, and keep using it thereafter. This also avoids
reinitializing the script arguments every time. Previously a new state
was created for each host group.

I committed a patch like the one I proposed. I thank Patrick for helping
me understand the code and getting me to think through some things.

I tried inducing script crashes to find an error that would require a
brand new Lua state. NSE handled gracefully name errors in scripts and
explicit lua_error calls in C functions. I don't know if it's possible
for a more severe crash, such as running out of memory, to mess up the
engine such that it can't run any more scripts using the same state. I
wasn't able to cause an error bad enough to get the "Aborting script
scan" message.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
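To make the effect described in the message concrete, here is an added model (not Nmap's or NSE's own code) of a whois-style script that caches results in the registry, run over a /28 in host groups of 3, with the registry either recreated per host group (the old behaviour) or kept across groups. The cache key (the host's /24), the target range and the lookup stub are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class ScanLog:
    queries: int = 0                          # whois lookups actually performed
    output: list = field(default_factory=list)


def whois_lookup(ip, log):
    """Stand-in for the real whois query; only records that a lookup happened."""
    log.queries += 1
    return f"netblock record for {ip}"


def whois_script(host, registry, log):
    """Mimics a registry-caching script: reuse the answer if a host in the same
    netblock (assumed here to be the /24) was already looked up, else query."""
    net = str(ipaddress.ip_network(f"{host}/24", strict=False))
    cache = registry.setdefault("whois", {})
    if net in cache:
        log.output.append(f"{host}: See the result for {cache[net]}.")
    else:
        log.output.append(f"{host}: {whois_lookup(host, log)}")
        cache[net] = host


def run_script_scan(targets, max_hostgroup, persistent_registry):
    """Process targets in sequential host groups of max_hostgroup addresses,
    with the registry either rebuilt per group or carried over."""
    log = ScanLog()
    registry = {}
    for i in range(0, len(targets), max_hostgroup):
        if not persistent_registry:
            registry = {}                     # fresh Lua state per host group
        for host in targets[i:i + max_hostgroup]:
            whois_script(host, registry, log)
    return log


# Constructed target list: all 16 addresses of a /28 in a documentation range.
TARGETS = [str(h) for h in ipaddress.ip_network("192.0.2.0/28")]

if __name__ == "__main__":
    for persistent in (False, True):
        log = run_script_scan(TARGETS, 3, persistent)
        print(f"persistent={persistent}: {log.queries} whois queries")
```

With the per-group registry, each of the six host groups repeats the lookup; with the persistent registry only the first host queries and the other fifteen refer to it.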