Nmap Development mailing list archives

Assertion failure with zero-byte Nsock writes


From: David Fifield <david () bamsoftware com>
Date: Thu, 21 Jan 2010 18:38:00 -0700

You can crash Nmap with the following NSE script:

-- Minimal NSE script that reproduces the crash: it connects to the port
-- and then issues an empty send(), which reaches nsock_write with a
-- zero-byte buffer and trips the assertion quoted below.
description = ""
categories = {}
require("nmap")
portrule = function() return true end
action = function(host, port)
  local sock = nmap.new_socket()
  sock:connect(host.ip, port.number)
  sock:send("")  -- zero-byte write: this is what triggers the assertion
end

The error is the same one pyllyukko reported in
http://seclists.org/nmap-dev/2010/q1/193,

nmap: nsock_core.c:516: handle_write_result: Assertion `bytesleft > 0' failed.

The same thing can be done from C code that does a zero-byte
nsock_write.

Do we want to change this? Some alternatives are to treat this as a
normal, handleable Nsock error, to treat the call as a no-op (in the TCP
case) and return success immediately, or to just do a zero-byte send
with whatever behavior that may invoke.

I don't think that the assertion was meant to prohibit zero-byte writes,
though it has that effect. It looks like it was meant to catch errors in
Nsock's internal buffering code, where the internal send routine
shouldn't be called again once the buffer is exhausted.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
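To make the distinction in the post concrete, here is an added example (not Nsock's code, and not from the thread) of a minimal buffered writer: the internal drain step keeps the `bytesleft > 0` assertion as an invariant about the buffering logic, while a zero-length request is accepted at the API boundary and completed immediately, the "no-op" alternative above. The names `write_req`, `submit_write`, `fake_send` and the `CHUNK` size are hypothetical, chosen for this illustration.

```c
/* Added example: invariant assertion kept internal, input validated at
 * the public entry point so a zero-byte write never reaches the assert. */
#include <assert.h>
#include <stddef.h>
#include <string.h>

#define CHUNK 4 /* hypothetical: bytes the fake transport accepts per call */

struct write_req {
    const char *buf;
    size_t bytesleft;   /* bytes not yet handed to the transport */
    int completed;      /* 1 once the request has finished */
    int sends;          /* number of calls made to the transport */
};

/* Stand-in for a non-blocking send(): accepts at most CHUNK bytes. */
static size_t fake_send(const char *buf, size_t len) {
    (void)buf;
    return len < CHUNK ? len : CHUNK;
}

/* Internal drain step. The assertion states an invariant of the
 * buffering code: it must never be re-entered with nothing left. */
static void handle_write_result(struct write_req *req) {
    assert(req->bytesleft > 0);
    size_t n = fake_send(req->buf, req->bytesleft);
    req->sends++;
    req->buf += n;
    req->bytesleft -= n;
    if (req->bytesleft == 0)
        req->completed = 1;
}

/* Public entry point: the caller's input is checked here, not inside the
 * drain loop. A zero-length write completes without touching the
 * transport; returns 0 on success. */
static int submit_write(struct write_req *req, const char *buf, size_t len) {
    memset(req, 0, sizeof *req);
    req->buf = buf;
    req->bytesleft = len;
    if (len == 0) {          /* the no-op alternative from the post */
        req->completed = 1;
        return 0;
    }
    while (!req->completed)
        handle_write_result(req);
    return 0;
}
```

Moving the check to the entry point keeps the internal assertion meaningful for catching real buffering bugs, while callers such as an NSE script that passes an empty string get a normal completion instead of an abort.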