Nmap Development mailing list archives
Re: NSE Libraries and Global Accesses
From: David Fifield <david () bamsoftware com>
Date: Thu, 9 Jul 2009 19:03:02 -0600
On Thu, Jul 09, 2009 at 02:34:20AM -0600, Patrick Donnelly wrote:
In order to catch cases where a script indexes a global that does not (or should not) exist, I have created a bash script which will locate these problems (attached). Here is example output from before patch r14080. batrick@batbytes:~/nmap/svn/nmap$ ./check_globals | less Checking nselib/datafiles.lua for bad global accesses Found set global,'_', at line number 186. # ... Checking nselib/imap.lua for bad global accesses Found set global,'line', at line number 24. Found set global,'status', at line number 24. Found indexed global,'line', at line number 25. Found set global,'line', at line number 28. Found set global,'status', at line number 28. Found indexed global,'status', at line number 29. Found indexed global,'status', at line number 32. Found indexed global,'line', at line number 33. Found indexed global,'line', at line number 34. Found set global,'line', at line number 34. Found indexed global,'line', at line number 35. Found set global,'line', at line number 40. Found set global,'status', at line number 40. # ... That is only a small excerpt of the actual output; as I said earlier, the problem was widespread. I hope developers in the future will avail themselves use of this script so we no longer encounter this problem in the future. (Locals are your friend!)
This script is a great idea. I ran into this problem while running it: Checking nselib/base64.lua for bad global accesses awk: cmd. line:6: warning: escape sequence `\[' treated as plain `[' awk: cmd. line:6: warning: escape sequence `\]' treated as plain `]' Checking nselib/comm.lua for bad global accesses awk: cmd. line:6: warning: escape sequence `\[' treated as plain `[' awk: cmd. line:6: warning: escape sequence `\]' treated as plain `]' Apart from the warnings, it works and reports globals. I made the warnings go away with this patch: --- check_globals 2009-07-09 19:00:05.000000000 -0600 +++ check_globals.new 2009-07-09 19:02:10.000000000 -0600 @@ -33,7 +33,7 @@ if ($1 == "function") m = 0; if (m == 0 && ($3 == "SETGLOBAL" || $3 == "GETGLOBAL")) { - gsub("[\[\]]", "", $2); + gsub("[\\[\\]]", "", $2); printf "%s %s %s\n", $2, $3, $7; } }' | \ I have GNU Awk 3.1.3. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE Libraries and Global Accesses Patrick Donnelly (Jul 09)
- Re: NSE Libraries and Global Accesses David Fifield (Jul 09)
- Re: NSE Libraries and Global Accesses Patrick Donnelly (Jul 15)
- Re: NSE Libraries and Global Accesses Fyodor (Jul 15)