Re: crash its not work hiks hikss...

[Daniel Miller <bonsaiviking () gmail com>]

On Sun, Apr 13, 2014 at 2:41 PM, Rachmat Gumilar <0906098 () sttgarut ac id>wrote:

> Version: 6.45
> Traceback (most recent call last):
>   File "zenmapGUI\ScanInterface.pyo", line 597, in verify_execution
>   File "zenmapGUI\ScanInterface.pyo", line 613, in load_from_command
>   File "zenmapCore\NmapParser.pyo", line 799, in parse_file
>   File "zenmapCore\NmapParser.pyo", line 793, in parse
>   File "xml\sax\expatreader.pyo", line 107, in parse
>   File "xml\sax\xmlreader.pyo", line 123, in parse
>   File "xml\sax\expatreader.pyo", line 207, in feed
>   File "xml\sax\expatreader.pyo", line 381, in external_entity_ref
>   File "xml\sax\saxutils.pyo", line 304, in prepare_input_source
>   File "urllib.pyo", line 86, in urlopen
>   File "urllib.pyo", line 207, in open
>   File "urllib.pyo", line 436, in open_https
>   File "httplib.pyo", line 954, in endheaders
>   File "httplib.pyo", line 814, in _send_output
>   File "httplib.pyo", line 776, in send
>   File "httplib.pyo", line 1157, in connect
>   File "socket.pyo", line 571, in create_connection
> IOError: [Errno socket error] [Errno 10060] A connection attempt failed
> because the connected party did not properly respond after a period of
> time, or established connection failed because connected host has failed to
> respond
> _______________________________________________
> Sent through the dev mailing list
> http://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/

This is a result of my adding a DOCTYPE definition to Nmap's XML output.
Apparently, Python's XML parser fetches the DTD every time it parses an XML
file. This patch will disable the DOCTYPE definition as a temporary fix,
but a better long-term fix would be altering Zenmap to use a custom
EntityResolver that either returns an in-memory DTD or resolves it to the
installed nmap.dtd.

diff --git a/nmap.cc b/nmap.cc
index febcca9..66b3eeb 100644
--- a/nmap.cc
+++ b/nmap.cc
@@ -1669,7 +1669,13 @@ int nmap_main(int argc, char *argv[]) {
   chomp(mytime);
   char *xslfname = o.XSLStyleSheet();
   xml_start_document();
+  /* This is causing problems with some XML parsers, especially Python's
+   * xml.sax used in Zenmap, because they automatically fetch the DTD every
+   * time they parse. Reference bug report for Python xml.sax:
+   * http://bugs.python.org/issue17318
+   *
   log_write(LOG_XML, "<!DOCTYPE nmaprun PUBLIC \"-//IDN nmap.org//DTD Nmap
XML %s//EN\" \"https://svn.nmap.org/nmap/docs/nmap.dtd\";>\n", NMAP_XMLOUTP
+  */
   if (xslfname) {
     xml_open_pi("xml-stylesheet");
     xml_attribute("href", "%s", xslfname);


Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/