Nmap Development mailing list archives

Re: Error in http.lua's chunked encoding


From: Ron <ron () skullsecurity net>
Date: Thu, 20 Aug 2009 11:07:15 -0500

On 08/18/2009 01:35 PM, David Fifield wrote:
On Tue, Aug 18, 2009 at 01:03:59AM -0300, Joao Correa wrote:
Breaking the response stream on anything that looks like a Status-Line
is really wrong. What if a response contains "HTTP/1.1 200" in the body?
What if the body doesn't end in a newline, so that the Status-Line of
the next response doesn't come at the beginning of a line? Responses to
pipelined requests are supposed to either have a Content-Length or use
the chunked Transfer-Encoding, both of which allow you to find the
length of the body and the start of the next response. The get_chunks
iterator returns the offset after the last chunk so you can start
parsing the next response there.

I just ran into a bug that I traced back to exactly this code.

Joao, have you made any progress on fixing this?

Thanks!
Ron

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
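The framing rule David describes, shown as an added worked example that is not code from Nmap's http.lua (function names, the sample responses and the naive splitter are all constructed here for illustration): a pipelined-response splitter that advances through the stream using only Content-Length or the chunked Transfer-Encoding, next to a scanner that starts a new response at every line that looks like a Status-Line. The two constructed streams reproduce the two failure cases from the thread: a body that contains "HTTP/1.1 200" at the start of a line, and a body with no trailing newline so the next Status-Line begins mid-line.

```python
"""Split a stream of pipelined HTTP/1.1 responses by their framing.

Added example; not Nmap's http.lua. Responses are delimited by
Content-Length or chunked Transfer-Encoding, never by searching for
the next Status-Line.
"""
import re

_CRLF = b"\r\n"
_STATUS_LINE = re.compile(rb"^HTTP/\d\.\d \d{3}")


def parse_headers(data, pos):
    """Parse the Status-Line and headers at `pos`.

    Returns (status_line, headers, body_start); header names are lowercased
    bytes. Raises if `pos` does not point at a Status-Line or the header
    block is incomplete.
    """
    end = data.find(b"\r\n\r\n", pos)
    if end == -1:
        raise ValueError("incomplete header block at offset %d" % pos)
    lines = data[pos:end].split(_CRLF)
    status = lines[0]
    if not _STATUS_LINE.match(status):
        raise ValueError("expected Status-Line at offset %d, got %r" % (pos, status[:24]))
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, end + 4


def read_chunked_body(data, pos):
    """Decode a chunked body starting at `pos`.

    Returns (body, next_pos) where next_pos is the offset just past the
    zero-length chunk and its trailer, i.e. where the next response starts
    (the same role as the offset returned by http.lua's get_chunks).
    """
    chunks = []
    while True:
        line_end = data.find(_CRLF, pos)
        if line_end == -1:
            raise ValueError("truncated chunk-size line")
        size = int(data[pos:line_end].split(b";", 1)[0].strip(), 16)  # ignore extensions
        pos = line_end + 2
        if size == 0:
            # last-chunk: skip optional trailer headers up to the empty line
            while True:
                line_end = data.find(_CRLF, pos)
                if line_end == -1:
                    raise ValueError("truncated trailer")
                line, pos = data[pos:line_end], line_end + 2
                if line == b"":
                    return b"".join(chunks), pos
        if data[pos + size:pos + size + 2] != _CRLF:
            raise ValueError("truncated or malformed chunk at offset %d" % pos)
        chunks.append(data[pos:pos + size])
        pos += size + 2


def split_responses(data):
    """Return [(status_line, headers, body), ...] using framing information only."""
    responses = []
    pos = 0
    while pos < len(data):
        status, headers, pos = parse_headers(data, pos)
        te = headers.get(b"transfer-encoding", b"").lower()
        if te.split(b",")[-1].strip() == b"chunked":
            # chunked takes precedence over any Content-Length that is also present
            body, pos = read_chunked_body(data, pos)
        elif b"content-length" in headers:
            length = int(headers[b"content-length"])
            body = data[pos:pos + length]
            if len(body) < length:
                raise ValueError("body truncated: expected %d bytes" % length)
            pos += length
        else:
            # no framing: body runs to end of stream, so nothing can follow it
            body, pos = data[pos:], len(data)
        responses.append((status, headers, body))
    return responses


def split_by_status_line(data):
    """The approach the thread objects to, for contrast: a new response at
    every line beginning with something that looks like a Status-Line."""
    starts = [m.start() for m in re.finditer(rb"(?m)^HTTP/\d\.\d \d{3}", data)]
    return [data[s:e] for s, e in zip(starts, starts[1:] + [len(data)])]


# Constructed sample A: the first body contains a Status-Line at the start
# of a line (a page quoting an HTTP exchange); the second response is chunked.
_body_a = b"Example reply:\r\nHTTP/1.1 200 OK\r\nbye\r\n"
SAMPLE_A = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
    + b"Content-Length: %d\r\n\r\n" % len(_body_a) + _body_a
    + b"HTTP/1.1 404 Not Found\r\nTransfer-Encoding: chunked\r\n\r\n"
    + b"4\r\nnot \r\n5\r\nfound\r\n0\r\n\r\n"
)

# Constructed sample B: the first body has no trailing newline, so the next
# Status-Line does not start at the beginning of a line.
SAMPLE_B = (
    b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"
    b"HTTP/1.1 204 No Content\r\nContent-Length: 0\r\n\r\n"
)

if __name__ == "__main__":
    for name, stream in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        print(name, "framing:", len(split_responses(stream)),
              "naive:", len(split_by_status_line(stream)))
```

On sample A the naive splitter reports three responses and hands back a truncated first body, while the framed splitter finds two and decodes the chunked second body to "not found"; on sample B the naive splitter sees only one response and the framed splitter two. The framed version also refuses to continue when the bytes at the expected offset are not a Status-Line, which surfaces a length mismatch instead of silently resynchronising on whatever the body happens to contain.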
