Nmap Development mailing list archives

Re: Assertion failure with dns-zone-transfer.nse / tab.lua


From: Brandon Enright <bmenrigh () ucsd edu>
Date: Sun, 22 Feb 2009 19:30:27 +0000


On Sun, 22 Feb 2009 10:00:06 -0700 or thereabouts David Fifield
<david () bamsoftware com> wrote:

> On Sun, Feb 22, 2009 at 07:51:22AM +0000, Brandon Enright wrote:
> > A few of our DNS servers are causing the DNS zone transfer script to
> > cause tab.lua to error out:
> >
> > NSE (55.651s): dns-zone-transfer against 132.239.1.52:53 ended with
> > error: /home/bmenrigh/flexmap/nmap/svn/nmap//nselib/tab.lua:45:
> > assertion failed!
> >
> > I haven't worked on getting a backtrace yet so if the problem isn't
> > immediately obvious I'll hack the traceback script up to provide
> > one. I might also be able to provide a pcap of the error, depending
> > on the privacy of the data contained in the pcap.
>
> I guess that the next call up is
>
>         -- answer domain
>         offset, line = parse_domain(data, offset)
>         tab.add(table, 1, line)
>
> parse_domain (actually dns.decStr) returns nil when too many pointers
> are needed to decompress a message. This is to prevent the infinite
> recursion bug. The limit is 3, but maybe that needs to be higher. A
> packet capture of the DNS message would be helpful.
>
> David Fifield


Hmm, well it seems that when dns-zone-transfer tests for zone
transfers, it really does perform a zone transfer for all of our zones.

This produced almost 9000 packets at almost 9MB of capture.  It took
the Wireshark DNS dissector a couple minutes to process the pcap. If
the problem isn't just a pointer count, finding it is probably going to
be a needle-in-the-haystack search.

I don't feel comfortable making our zone available to the list so I'll
send you an email privately with a link.

Brandon

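The pointer limit David describes, as an added example that is not part of the original message and is not Nmap's dns.lua: a stand-alone Lua decoder for compressed DNS names that gives up after three pointer hops, run over a constructed message. `decode_name`, `MAX_POINTERS` and the sample bytes are assumptions made for this illustration; the caller checks for nil before using the name instead of passing it on.

```lua
-- Added example; decode_name and MAX_POINTERS are hypothetical names.
local MAX_POINTERS = 3 -- the limit quoted in the thread

-- Decode a possibly compressed DNS name at 1-based offset `pos`.
-- Returns next_offset, name on success; nil, reason on failure.
local function decode_name(msg, pos)
  local labels, hops, resume = {}, 0, nil
  while true do
    local len = msg:byte(pos)
    if not len then return nil, "truncated name" end
    if len == 0 then                 -- root label: end of name
      pos = pos + 1
      break
    elseif len >= 192 then           -- top two bits set: compression pointer
      local low = msg:byte(pos + 1)
      if not low then return nil, "truncated pointer" end
      hops = hops + 1
      if hops > MAX_POINTERS then return nil, "too many pointers" end
      resume = resume or pos + 2     -- record parsing resumes after the first pointer
      pos = (len - 192) * 256 + low + 1 -- wire offsets are 0-based
    elseif len > 63 then
      return nil, "reserved label type"
    else
      local label = msg:sub(pos + 1, pos + len)
      if #label < len then return nil, "truncated label" end
      labels[#labels + 1] = label
      pos = pos + 1 + len
    end
  end
  return resume or pos, table.concat(labels, ".")
end

-- Constructed message: names chained through compression pointers.
local msg = table.concat({
  "\3com\0",          -- offset 0
  "\7example\192\0",  -- offset 5:  example + pointer to 0
  "\2ns\192\5",       -- offset 15: ns + pointer to 5
  "\1a\192\15",       -- offset 20: a + pointer to 15 (3 hops in total)
  "\1b\192\20",       -- offset 24: b + pointer to 20 (4 hops in total)
  "\192\28",          -- offset 28: pointer to itself
})
for _, off in ipairs({15, 20, 24, 28}) do
  local nxt, name = decode_name(msg, off + 1)
  if nxt then
    print(("offset %d: %s"):format(off, name))
  else -- on failure `name` holds the reason; nothing nil goes further
    print(("offset %d: rejected (%s)"):format(off, name))
  end
end
```

The name at offset 24 is well-formed but needs four hops, so a limit of 3 rejects it together with the self-referencing pointer at offset 28.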
