Nmap Development mailing list archives

Re: Why the "Linux goofiness" socket writability check?


From: David Fifield <david () bamsoftware com>
Date: Sat, 18 Jul 2009 22:03:15 -0600

On Sat, Jul 18, 2009 at 09:55:57PM -0600, David Fifield wrote:
> On Sat, Jul 18, 2009 at 10:26:47PM -0500, Kris Katterjohn wrote:
> > On 07/18/2009 10:15 PM, David Fifield wrote:
> > > Fyodor didn't remember what this code was for but it dates back to 2000
> > > at least. (There was a problem with the permissions in the Subversion
> > > repository, but Fyodor changed it and now you can see log messages going
> > > back further.) We decided to remove it and see if it causes problems. It
> > > is removed in r14426.
> >
> > Upon first glance, the code starting around line 3692 of scan_engine.cc in
> > trunk contains the same logic (same comment anyway).  Just missed?
>
> Thanks for seeing that. I didn't know it was in scan_engine.cc too.
> There's a lot else besides--the Linux-specific code is almost 50 lines.
> The zero-length write and this message:
>       log_write(LOG_STDOUT, "Bad port %hu caught by 0-byte write: ", pport);
> is present in Nmap from the original Phrack article.

There's another reference to the test in the Phrack article.

http://nmap.org/p51-11.html

signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE so our 'write 0 bytes' test
                             doesn't crash our program!*/

I think it is probably about detecting connect errors with nonblocking
sockets, which appears to be nontrivial. Here's an article.

http://cr.yp.to/docs/connect.html

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
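David's guess above, that the check is about detecting connect errors on nonblocking sockets, is the problem the linked cr.yp.to note addresses. The following is an added example, not Nmap's code and not from the Phrack article, of the portable approach: connect without blocking, wait for writability, then read the outcome with getsockopt(SO_ERROR) rather than probing with a zero-byte write. The loopback probe helper, its 2000 ms timeout and the open/closed port setup are constructed for the demonstration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>
/* Nonblocking TCP connect to ip:port. Returns 0 (fd stored in *fd_out) or a
 * positive errno such as ECONNREFUSED or ETIMEDOUT. A pending connect turns
 * writable in select() whether it succeeded or was refused, so the outcome is
 * read back with getsockopt(SO_ERROR) instead of inferred from a 0-byte write. */
int nonblocking_connect(const char *ip, unsigned short port, int timeout_ms,
                        int *fd_out) {
    struct sockaddr_in sa = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0), err = 0;
    *fd_out = -1;
    if (fd < 0) return errno;
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);
    sa.sin_family = AF_INET; sa.sin_port = htons(port);
    inet_pton(AF_INET, ip, &sa.sin_addr);
    if (connect(fd, (struct sockaddr *)&sa, sizeof sa) != 0) {
        fd_set wfds;
        struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
        socklen_t len = sizeof err;
        if (errno != EINPROGRESS) { err = errno; close(fd); return err; }
        FD_ZERO(&wfds); FD_SET(fd, &wfds);
        if (select(fd + 1, NULL, &wfds, NULL, &tv) <= 0) { close(fd); return ETIMEDOUT; }
        /* Writable: now ask the kernel whether the connect actually succeeded. */
        if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0) err = errno;
        if (err != 0) { close(fd); return err; }
    }
    *fd_out = fd;
    return 0;
}
/* Demonstration (constructed for this example): listen on an ephemeral
 * loopback port, then connect to it while it listens (open=1) or right after
 * it was closed (open=0). Returns nonblocking_connect's result. */
int probe_loopback(int open) {
    struct sockaddr_in sa = {0};
    socklen_t len = sizeof sa;
    int cfd = -1, lfd = socket(AF_INET, SOCK_STREAM, 0), rc;
    sa.sin_family = AF_INET; sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(lfd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(lfd, 1) < 0) return -1;
    getsockname(lfd, (struct sockaddr *)&sa, &len);
    if (!open) { close(lfd); lfd = -1; }   /* nothing listens there now: expect ECONNREFUSED */
    rc = nonblocking_connect("127.0.0.1", ntohs(sa.sin_port), 2000, &cfd);
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    return rc;
}
```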