Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NDiff] ndiff.dtd invalid

From: David Fifield <david () bamsoftware com>
Date: Wed, 2 Feb 2011 21:05:55 -0800
On Wed, Feb 02, 2011 at 03:55:34PM -0600, Daniel Miller wrote:

Hey list,

Two issues here:
1. The ndiff/docs/ndiff.dtd DTD is invalid with regard to the XML
generated by Ndiff as of r22140. Patch:

--- ndiff/docs/ndiff.dtd    2010-05-13 14:45:58.209638395 -0500
+++ ../ndiff.dtd    2011-02-02 15:20:33.487421222 -0600
@@ -124,6 +124,6 @@

<!ELEMENT hostscript (script | a | b)*>

-<!ENTITY % diff-elem "(host | hostname | extraports* | port | state
| service | script | os | osmatch* | hostscript)">
+<!ENTITY % diff-elem "(address | status | host | hostname |
extraports* | port | state | service | script | os | osmatch* |
hostscript)">
<!ELEMENT a %diff-elem;>
<!ELEMENT b %diff-elem;>

2. The XML generated by Ndiff is invalid according to the DTD. All
<script> elements are expected to be children of <a>, <b>,
<hostscript>, or <port> elements, but ndiff is producing sequences
like this:
<a>
<script id="ipidseq" output="All zeros"/>
<script id="sniffer-detect" output="Likely in promiscuous mode
(tests: &quot;11111111&quot;)"/>
<hostscript/>
</a>

Found the error, patch:


Thanks Daniel. Both your observations were quite right. I applied your
patches.

While testing, I saw that Ndiff didn't handle prerule and postrule
script output, so I added that.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: