Re: NSE Host Groups and Previous Host Accessibility

[David Fifield <david () bamsoftware com>]

On Fri, Aug 28, 2009 at 04:54:31PM -0400, Patrick Donnelly wrote:
> On Fri, Aug 28, 2009 at 4:27 PM, David Fifield<david () bamsoftware com> wrote:
> > On Wed, Aug 26, 2009 at 09:05:19PM -0400, Patrick Donnelly wrote:
> > > Right now NSE keeps old hosts in the "current_hosts" table (in the Lua
> > > Registry [1]) even after the current host group has finished. This
> > > means that scripts can modify these hosts (change port version, port
> > > state, etc.) in a different host group. There are possibly some good
> > > reasons for doing this and possibly some scripts already doing this. I
> > > wondered if anyone would be against disallowing the use of hosts from
> > > an old host group (as I believe it was originally intended) in the
> > > future.
> >
> > If you can modify hosts from previous host groups I think that's
> > contrary to intention. These are hosts whose output has already been
> > printed, after all. Do these records never go away, and keep consuming
> > memory?
>
> I just checked, the Targets are freed after results are printed. So,
> when a script in another hostgroup tries to use a freed host we will
> have some memory problems. I confirmed this with valgrind. I'll go
> ahead and fix this.

Thanks, and good job tracking it down.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org