Nmap Development mailing list archives

Re: Fwd: Sean Rivera Progress report 13/17


From: sean rivera <sean.au.rivera () gmail com>
Date: Tue, 24 Jul 2012 12:04:05 -0600

These are good tests to run. It looks like you're making progress.

delay has type int, so I'm confused by what you're saying about delay <= 1.
Does that mean you have tried, for example, delay = 0.5? Isn't the
compiler rounding that to an int? It seems the only reasonable values to
test are 1 and 0.


Delay might have type int; however, the --delay flag for nping defaults
to seconds. Thus when I say that I set delay to 1, I actually set the
delay variable to 1000. That is what I meant by testing delay <= 1.

It will probably help your debugging to track nsock_event_ids. These are
just long ints. An nsock_event_id is returned, for example, from
nsock_timer_create. Print out that id, and then add some debugging code
to print the id in nping_event_handler. Then you can surely match up
event creation and deletion.

You can also get tons of Nsock debugging output by increasing the value
given to nsp_settrace in nping/ProbeMode.cc.


Alright, I will track those down.

From my testing so far I think the race condition is a combo of the

"nsock_pcap_read_packet(nsp, pcap_nsi, nping_event_handler, o.getDelay(), NULL);"

scheduled event and the

"nsock_timer_create(nsp, nping_event_handler, 1, &pkts2send[pc]);"

that is called only on the first time.

I am also pretty sure that it is because of that hard-coded 1 for timeout.
(Every other time it is o.getDelay(), but I'll need to test that.)

The constant timeout of 1 ms might have something to do with it. It
seems that instead of directly sending the first probe, we schedule a
timer with a negligible timeout, which does the actual send when it
expires? I guess that is for uniformity with how the subsequent probes
are sent. But maybe we should just send the first probe? Or use a
timeout of 0? (But check if a timeout of 0 has a special meaning first.)


I've checked a timeout of 0, which does not have any special effect. It
also doesn't really affect the first probe sent at all.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/




--

~Sean Rivera

