Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Auto-closing XML tags, error messages in XML output

From: David Fifield <david () bamsoftware com>
Date: Tue, 13 Apr 2010 19:14:07 -0600
There is this TODO item:

o Nmap should probably always produce a well-formed XML file, even if
  it exits with a fatal() error.  In that case, the error should be
  included in the XML.  Right now, for example, if the network is
  down, the XML output will just stop (no closing tags) and Nmap will
  print something to STDERR like:
  nexthost: failed to determine route to 9.48.184.164
  QUITTING!

I merged what I've been working on in regard to this in r17300. Here's a
summary of the change.

XML output is now done through semi-structured function calls instead of
printf. The functions keep track of which elements are open (so they can
be closed on error) and automatically handle string escaping. Here's a
sample of the API. Complete documentation is in xml.cc.

        xml_open_start_tag("nmaprun");
        xml_attribute("scanner", "nmap");
        xml_attribute("args", "%s", command.c_str());
        xml_attribute("start", "%lu", (unsigned long) timep);
        xml_attribute("startstr", "%s", mytime);
        xml_attribute("version", "%s", NMAP_VERSION);
        xml_attribute("xmloutputversion", "1.03");
        xml_close_start_tag();
        xml_newline();

Because the library knows which elements are open, it can close them
automatically when an error occurs. This makes sure the XML file is at
least well-formed. Calling fatal or pfatal will close open elements.

Also with fatal and pfatal, the error message now also goes to XML
output as the "errormsg" attribute of the "finished" element. The "exit"
attribute is either "error" or "success" and the "summary" element holds
a string that was formerly in a comment. Examples:

<runstats><finished time="1271207617" timestr="Tue Apr 13 19:13:37 2010" elapsed="0.33" summary="Nmap done at Tue Apr 
13 19:13:37 2010; 0 IP addresses (0 hosts up) scanned in 0.33 seconds" exit="error" errormsg="Invalid character in host 
specification.  Note in particular that square brackets [] are no longer allowed.  They were redundant and can simply 
be removed."/><hosts up="0" down="0" total="0"/>
</runstats>

<runstats><finished time="1271207629" timestr="Tue Apr 13 19:13:49 2010" elapsed="0.43" summary="Nmap done at Tue Apr 
13 19:13:49 2010; 1 IP address (1 host up) scanned in 0.43 seconds" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: