Re: NMap 7.40 Bug report, IPv6 OSscan causes fatal error on IOD deletion

["Reese, Robert" <reese () ece msstate edu>]

Dan,


Ok, great!  To be clear, the pending event was present for both Linux and Windows. It did not cause an error under 
Linux because it was placed on the normal queues, and the cleanup code already present handled that with no problem.


The event that gets left seems to be the very first PCAP read event of the IPV6 OS scan.  Events after this seem to be 
removed.


Bob



________________________________
From: Daniel Miller <bonsaiviking () gmail com>
Sent: Saturday, August 12, 2017 11:08 AM
To: Reese, Robert
Cc: dev () nmap org
Subject: Re: NMap 7.40 Bug report, IPv6 OSscan causes fatal error on IOD deletion

Bob,

Thanks for the report and the fix! This is good analysis. I've applied a simpler version of your fix in r36949 to clean 
up any remaining pcap read events when deleting an IOD. I will try to spend a little time looking at why the event was 
not deleted on Windows.

Dan

On Tue, Aug 8, 2017 at 10:00 AM, Reese, Robert <reese () ece msstate edu<mailto:reese () ece msstate edu>> wrote:
A bug-fix for this problem has been submitted via a pull request on Github.

https://github.com/nmap/nmap/pull/961


Thanks,

Bob Reese


Dr. Robert Reese
Associate Professor, ECE, Mississippi State University
US Mail: Box 9571, Miss State, MS 39762
Courier: 406 Hardy Rd, Simrall Bldg, Miss State, MS 39762
662 325 3154<tel:(662)%20325-3154>



From: Reese, Robert
Sent: Wednesday, August 02, 2017 10:21 AM
To: 'dev () nmap org<mailto:dev () nmap org>' <dev () nmap org<mailto:dev () nmap org>>
Subject: NMap 7.40 Bug report, IPv6 OSscan causes fatal error on IOD deletion

Executive summary:
(I looked for this error in the archives, found one reference, but this looks like a different solution).
Nmap 7.40 on Windows 7. Scan of two IPv6 hosts with OS detection enabled; OS detection on second host causes fatal 
error exit when it attempts to delete the IOD used by OS detection on the first host. The IOD delete function 
(nsock_iod.c/nsock_iod_delete function attempts to delete the nsock_iod, but it cannot find the pending event, so it 
aborts through fatal function in nsock/error.c with message ""Trying to delete NSI, but could not find the purportedly 
pending events on that IOD".

This was run with options:
nmap -oX -  -6  -F -d4  -T3 -O  --max-hostgroup 1 -iL hosts.txt 2> tmperr.txt

The max-hostgroup was limited to 1 to remove host parallelism. It seems to be immaterial which host is queried first.  
This is triggered by OS scan; the problem does not occur when the -O option is removed.

There are more details in the attached files, including debugging screenshots from Visual Studio 2013. I can debug this 
if I have a little help on how to proceed.

Thanks,

Bob R



Dr. Robert Reese
Associate Professor, ECE, Mississippi State University
US Mail: Box 9571, Miss State, MS 39762
Courier: 406 Hardy Rd, Simrall Bldg, Miss State, MS 39762
662 325 3154<tel:(662)%20325-3154>


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

________________________________

Spam<https://expert.stopspam.msstate.edu/canit/b.php?i=03TUg8rJX&m=c5f925e85b0c&c=s>
Not spam<https://expert.stopspam.msstate.edu/canit/b.php?i=03TUg8rJX&m=c5f925e85b0c&c=n>
Forget previous vote<https://expert.stopspam.msstate.edu/canit/b.php?i=03TUg8rJX&m=c5f925e85b0c&c=f>

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/