Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] More library global problems

From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 8 Feb 2010 09:41:35 +0100
On 8 feb 2010, at 03.53, Patrick Donnelly wrote:


So we have some more global access problems (See [1] for history):

batrick@batbytes:~/old-nmap$ nse_check_globals
Checking nselib/afp.lua for bad global accesses
       Found set global,'_', at line number 446.
       Found set global,'_', at line number 490.
Checking nselib/base64.lua for bad global accesses
Checking nselib/citrixxml.lua for bad global accesses
Checking nselib/comm.lua for bad global accesses
Checking nselib/datafiles.lua for bad global accesses
Checking nselib/dns.lua for bad global accesses
Checking nselib/http.lua for bad global accesses
       Found indexed global,'result', at line number 983.
Checking nselib/imap.lua for bad global accesses
Checking nselib/ipOps.lua for bad global accesses
Checking nselib/listop.lua for bad global accesses
Checking nselib/match.lua for bad global accesses
Checking nselib/mongodb.lua for bad global accesses
       Found indexed global,'_dict_to_bson', at line number 79.
       Found indexed global,'element', at line number 103.
       Found set global,'element', at line number 103.
       Found indexed global,'statuts', at line number 412.
Checking nselib/msrpc.lua for bad global accesses
       Found indexed global,'thenquerydomaininfo2_result_12', at line
number 3730.
Checking nselib/msrpcperformance.lua for bad global accesses
Checking nselib/msrpctypes.lua for bad global accesses
Checking nselib/mysql.lua for bad global accesses
Checking nselib/netbios.lua for bad global accesses
Checking nselib/nsedebug.lua for bad global accesses
Checking nselib/packet.lua for bad global accesses
Checking nselib/pop3.lua for bad global accesses
Checking nselib/proxy.lua for bad global accesses
Checking nselib/shortport.lua for bad global accesses
Checking nselib/smb.lua for bad global accesses
Checking nselib/smbauth.lua for bad global accesses
Checking nselib/snmp.lua for bad global accesses
Checking nselib/ssh1.lua for bad global accesses
Checking nselib/ssh2.lua for bad global accesses
Checking nselib/stdnse.lua for bad global accesses
Checking nselib/strbuf.lua for bad global accesses
Checking nselib/strict.lua for bad global accesses
Checking nselib/tab.lua for bad global accesses
Checking nselib/unpwdb.lua for bad global accesses
Checking nselib/url.lua for bad global accesses

I fixed most of these in r16700-16703. I don't know how to fix this one:

Checking nselib/mongodb.lua for bad global accesses
       Found indexed global,'_dict_to_bson', at line number 79.

There are other problems such as afp.lua (mentioned on IRC by Patrik)
using a request_id global to keep track of the current id for a
packet. This need to be changed to per script thread data. This is
partially explored in a new section in the Nmap book I recently
committed (and will be online soonish?). You can get by with using
coroutine.running as keys in a weak keyed local table to hold this
data. (Whether you use stdnse.base or coroutine.running is subject to
your design.)

[1] http://seclists.org/nmap-dev/2009/q3/70


Thanks! I've attached a proposed patch that uses a fully weak local table to store the request id's. I would appreciate 
your comments before committing.

//Patrik

Attachment: afp-coroutine.patch
Description: 



-- 
- Patrick Donnelly
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


--
Patrik Karlsson
http://www.cqure.net





_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: