Nmap Development mailing list archives
Re: DNS decoding bug in dns-zone-transfer.nse fixed
From: Fyodor <fyodor () insecure org>
Date: Fri, 6 Feb 2009 12:33:25 -0800
On Fri, Feb 06, 2009 at 12:23:05PM -0700, David Fifield wrote:
Today I got a Zenmap crash report and was fortunate that the submitter agreed to send the XML file to me. I eventually traced the bug to dns-zone-transfer.nse of all places. There was a decoding bug (fixed in r12015) that caused all kinds of binary data to appear in script output. Some of it made it into the XML file and made the file non-well-formed. The bug was kind of interesting so I'll describe it here.
Good catch! I've also added the XML escaping problem and the infinite recursion bug to docs/TODO. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- DNS decoding bug in dns-zone-transfer.nse fixed David Fifield (Feb 06)
- Stack overflow in dns-zone-transfer.nse David Fifield (Feb 06)
- Re: Stack overflow in dns-zone-transfer.nse David Fifield (Feb 07)
- Re: Stack overflow in dns-zone-transfer.nse David Fifield (Feb 09)
- Re: DNS decoding bug in dns-zone-transfer.nse fixed Fyodor (Feb 06)
- Stack overflow in dns-zone-transfer.nse David Fifield (Feb 06)