Nmap Development mailing list archives
Re: Bug in SMB when multiple scripts are connecting to same host
From: Chris Woodbury <woodbusy () gmail com>
Date: Mon, 18 Apr 2011 13:02:05 -0500
Ron, David- Are we waiting on something for this patch? I just noticed that it hadn't been committed, and I wanted to make sure it hadn't slipped through the cracks. -chris On Thu, Mar 31, 2011 at 2:00 PM, Ron <ron () skullsecurity net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So, I ran into this issue earlier this week and it drove me crazy. Unfortunately, I didn't have email/Internet access on site so I couldn't try the patch. Since there's already a bug there, and it's pretty annoying, I say let's add this patch and, on the off chance that it breaks something, we deal with it then. :) Ron On Thu, 31 Mar 2011 13:54:39 -0500 Chris Woodbury <woodbusy () gmail com> wrote:David- Sorry for the delay in getting back to you. You make a good point about the maintainability of all those unlocks. Fortunately, those two functions are already wrapped by another one, start_session(), so I've attached a patch that moves the mutex to that function. For good measure, I also threw in some comments warning users away from calling start_session_basic() and start_session_extended() directly. -chris On Tue, Mar 15, 2011 at 1:45 AM, David Fifield <david () bamsoftware com>wrote:On Mon, Feb 28, 2011 at 01:44:34PM -0600, Chris Woodbury wrote:Ron- Thanks for the response. Don't worry about the delay - 'better late than never' is my motto ;). I hadn't thought of the lockout implications of separate account lists; so, yes, you certainly wouldn't want to go that route. With that in mind, I put some more thought into it, and it seemstome that mutexes are the best approach. I made a patch that adds mutexes to start_session_basic() and start_session_extended(). My thinking was that the first script to gettherewould be responsible for finding the right account (or exhausting the possibilities), and that, once that was done, the other scripts couldfollowalong and already have that account waiting for their get_account() call.Ihad to put in an "unlock" before each of the short-circuit returns; so,it'snot exactly pretty, but it gets the job done.Could you rewrite this with wrapper functions to handle the mutexes, so as to get rid of the need to unlock at every single return? I'm afraid the way it's written now will be too hard to maintain. Ron, what do you think of Chris's solution? David Fifield-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk2UzzQACgkQ2t2zxlt4g/Q2qQCgrcvL0BSyeI1kxDWxjzh6PWTs eqEAnRMcbnV4S6c4DhrzkopZTMJPrz4W =lJpO -----END PGP SIGNATURE-----
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Bug in SMB when multiple scripts are connecting to same host Chris Woodbury (Apr 18)
- Re: Bug in SMB when multiple scripts are connecting to same host Ron (Apr 20)
- Re: Bug in SMB when multiple scripts are connecting to same host David Fifield (Apr 27)
- Re: Bug in SMB when multiple scripts are connecting to same host Ron (Apr 20)