Nmap Development mailing list archives

Re: 4.85BETA2 posted to Nmap download page - please test


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 3 Feb 2009 00:25:41 +0000


[I apologize for continuing to reply to my own emails.  I'd prefer to
troubleshoot "out loud" so that the list knows I'm working on things
and trying to make progress.]

On Mon, 2 Feb 2009 23:52:23 +0000
Brandon Enright <bmenrigh () ucsd edu> wrote:



It looks like tab.lua is also using arg[]:

SCRIPT ENGINE (290.192s): ./scripts/rpcinfo.nse against a.b.1.90:111
ended with error: ./nselib/tab.lua:70: attempt to index global
'arg' (a nil value)

I'm working on narrowing down the memory-hogging script right now.

Brandon


I have not yet been able to reproduce the memory issue.  I was able
to get it to go 3 or 4 times in a row when I reported the problem
several days ago but now I've run several dozen of the same scan
against a few hosts and haven't seen the issue.

I did run into this though:

SCRIPT ENGINE (506.424s): ./scripts/pop3-capabilities.nse against
a.b.1.47:995 ended with error: ./scripts/pop3-capabilities.nse:32:
bad argument #1 to 'pairs' (table expected, got string)

I didn't look at the code for the script but let me know if I can
provide any more info to help track the problem down.

I'll keep trying to reproduce the memory issue.

Brandon


Okay so I *still* haven't been able to get the memory issue to come
up again.  However, I just ran into (for the first time) an infinite
loop(?) issue with NSE.  Basically what happened is the Nmap process
started using 100% of the CPU, NSE stopped making any progress, reporting:

SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:13 (0:01:04 remaining)
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:13 (0:01:12 remaining)
...snip...
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:15 (0:01:36 remaining)
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:16 (0:01:44 remaining)

Then, a host would timeout:

SCRIPT ENGINE (1293.934s): Stopped ./scripts/pop3-brute.nse against a.b.1.47:10101 because of host timeout.
SCRIPT ENGINE (1293.934s): Stopped ./scripts/pop3-capabilities.nse against a.b.1.47:10101 because of host timeout.
...snip...
SCRIPT ENGINE (1293.934s): Stopped ./scripts/banner.nse against a.b.1.47:25 because of host timeout.
SCRIPT ENGINE (1293.934s): Stopped ./scripts/smtp-open-relay.nse against a.b.1.47:25 because of host timeout.

Then more zero-progress would be made:

SCRIPT ENGINE Timing: About 83.67% done; ETC: 00:16 (0:01:21 remaining)
SCRIPT ENGINE Timing: About 83.67% done; ETC: 00:17 (0:01:27 remaining)

Then another host would timeout, and so on until all hosts timed out.

Once the Nmap process hit 100% it stayed there for about 10 minutes,
not a single script finished other than the ones that were timed out.
That says to me that no script was really running and that something in
the engine was eating all the cycles and preventing scripts from making
progress.

I could try sending a sig ABRT to make the process coredump if anyone
thought a coredump would help to analyze the state Nmap is in the next
time something like this happens.

Brandon

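An added example, not part of the original message or of Nmap: a small Python check for the stall signature described above, where repeated timing reports stay at one percentage while the "remaining" estimate grows and scripts only end through host timeouts. The function name, the threshold and the sample text (assembled from the output quoted in the message, with the snipped lines omitted) are assumptions of this example.

```python
import re

TIMING = re.compile(r"SCRIPT ENGINE Timing: About ([\d.]+)% done; "
                    r"ETC: \d+:\d+ \((\d+):(\d+):(\d+) remaining\)")
TIMEOUT = re.compile(r"SCRIPT ENGINE \([\d.]+s\): Stopped (\S+) against (\S+) "
                     r"because of host timeout")

# Sample assembled from the lines quoted in the message (snipped parts omitted).
SAMPLE = """\
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:13 (0:01:04 remaining)
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:13 (0:01:12 remaining)
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:15 (0:01:36 remaining)
SCRIPT ENGINE Timing: About 78.91% done; ETC: 00:16 (0:01:44 remaining)
SCRIPT ENGINE (1293.934s): Stopped ./scripts/pop3-brute.nse against a.b.1.47:10101 because of host timeout.
SCRIPT ENGINE (1293.934s): Stopped ./scripts/banner.nse against a.b.1.47:25 because of host timeout.
SCRIPT ENGINE Timing: About 83.67% done; ETC: 00:16 (0:01:21 remaining)
SCRIPT ENGINE Timing: About 83.67% done; ETC: 00:17 (0:01:27 remaining)
"""

def find_stalls(log_text, min_reports=3):
    """Return plateaus: at least min_reports consecutive timing reports at one
    percentage whose 'remaining' estimate grew instead of shrinking."""
    runs = []  # one entry per run of identical percentages, in log order
    for line in log_text.splitlines():
        m = TIMING.search(line)
        if m:
            pct = float(m.group(1))
            h, mi, s = (int(x) for x in m.group(2, 3, 4))
            remaining = h * 3600 + mi * 60 + s
            if runs and runs[-1]["percent"] == pct:
                runs[-1]["reports"] += 1
                runs[-1]["last_remaining"] = remaining
            else:
                runs.append({"percent": pct, "reports": 1,
                             "first_remaining": remaining,
                             "last_remaining": remaining,
                             "timeouts_after": []})
        elif runs:
            t = TIMEOUT.search(line)
            if t:  # (script, target) stopped by host timeout after this plateau
                runs[-1]["timeouts_after"].append(t.group(1, 2))
    return [r for r in runs if r["reports"] >= min_reports
            and r["last_remaining"] > r["first_remaining"]]

if __name__ == "__main__":
    for stall in find_stalls(SAMPLE):
        print(f"{stall['percent']}% repeated {stall['reports']} times; "
              f"{len(stall['timeouts_after'])} scripts ended by host timeout")
```

A plateau followed only by host-timeout stops matches the behaviour reported here; a healthy scan shows the percentage rising and the remaining time shrinking.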

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

