Nmap Development mailing list archives
Re: Ncat segmentation fault with --ssl and --chat
From: David Fifield <david () bamsoftware com>
Date: Sat, 18 Jul 2009 22:55:14 -0600
On Fri, Jul 17, 2009 at 02:47:05PM +0200, Thomas Heßling wrote:
> I just tried the new 5.00 release of Nmap and noticed a segmentation fault in the Ncat tool. Searching for this revealed nothing so I am writing to this list.
>
> It appears when I combine the --ssl and --chat options as follows:
>
> $ ncat --listen --ssl --chat localhost 10000
>
> I can connect multiple times and chat but as soon as one client disconnects the others receive endless amounts of text like this:
>
> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4> <user4>
>
> If any new connection to the listener is created Ncat exits with a segmentation fault.
>
> This does not happen if I omit the --ssl option and this also does not happen if I simulate the chat with:
>
> $ ncat --listen --ssl --broker localhost 10000
>
> I tested this on an Ubuntu9.04-amd64 system with kernel 2.6.28 and libssl0.9.8g. If there's any more information you need let me know.
Thanks very much for the complete report. I believe that this is fixed in the latest Subversion version. I believe that it had the same cause as the problem in this thread:

Ncat with ssl using 100% cpu
http://seclists.org/nmap-dev/2009/q3/0019.html

I just tried the above commands with the latest version and didn't get the repeated output nor a segmentation fault, and Valgrind reports no errors when one user disconnects and reconnects.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org