Nmap Development mailing list archives

Re: nmap stuck in infinite loop
From: Fyodor <fyodor () insecure org>
Date: Thu, 16 Feb 2006 17:35:28 -0800

On Mon, Feb 13, 2006 at 10:24:30AM -0800, Ganga Bhavani wrote:

 I'm running nmap-3.95 on a Windows XP system with the following command-line parameters on a Class B network. 

nmap -O -F -debug -debug -debug -debug 10.10.191.0/16. 

Nmap is executing in an infinite loop. It has been logging the following message for more than 30 hrs. 

Thanks for the report.  Here is a patch which I hope solves the
problem:

--- scan_engine.cc      (revision 3120)
+++ scan_engine.cc      (working copy)
@@ -807,6 +807,7 @@
 
   /* Returns true if the GLOBAL system says that sending is OK.*/
 bool GroupScanStats::sendOK() {
+  int recentsends;
 
   if (USI->scantype == CONNECT_SCAN && CSI->numSDs >= CSI->maxSocketsAllowed)
     return false;
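Review bot: `recentsends` is declared at the top of sendOK() but is only assigned further down, past the CONNECT_SCAN early return. Since this is C++, declaring it at the point where it is computed (`int recentsends = USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait;`) keeps declaration and initialization together and rules out any future use of the variable before it is set.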
@@ -815,7 +816,9 @@
      the last listen call, at least for systems such as Windoze that
      don't give us a proper pcap time.  Also for connect scans, since
      we don't get an exact response time with them either. */
-  if (USI->scantype == CONNECT_SCAN || !pcap_recv_timeval_valid()) {
+  recentsends = USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait;
+  if (recentsends > 0 && 
+      (USI->scantype == CONNECT_SCAN || !pcap_recv_timeval_valid())) {
     int to_ms = (int) MAX(to.srtt * .75 / 1000, 50);
     if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms)
       return false;
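Review bot: the `recentsends > 0` guard is the substantive change here: the time-since-last_wait check now no longer returns false when nothing has been sent since the last wait, which is the state a connect scan or a host without valid pcap timestamps could otherwise sit in indefinitely. The comment block above ("the last listen call ... don't give us a proper pcap time") still describes only the old timing check and should be updated to say the throttle applies only once at least one probe has gone out since the last wait. Also, the `if (recentsends > 0 && ` line carries trailing whitespace.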
@@ -828,7 +831,7 @@
      responses when I scan localhost.  And half of those are the @#$#
      sends being received.  I think I'll put a limit of 50 sends per
      wait */
-  if (USI->gstats->probes_sent - USI->gstats->probes_sent_at_last_wait >= 50)
+  if (recentsends >= 50)
     return false;
 
   /* When there is only one target left, let the host congestion
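Review bot: with the subtraction hoisted into `recentsends`, this hunk is a straightforward reuse, but the limit now lives in two places that can drift apart: the literal `50` in the condition and "50 sends per wait" in the comment above it. A named constant (or referencing it from the comment) would keep them in sync.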
@@ -969,7 +972,7 @@
 
   getTiming(&tmng);
   if (tmng.cwnd >= num_probes_active + .5 && 
-      (freshPortsLeft() || num_probes_waiting_retransmit)) {
+      (freshPortsLeft() || num_probes_waiting_retransmit || !retry_stack.empty())) {
     if (when) *when = USI->now;
     return true;
   }
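Review bot: adding `!retry_stack.empty()` widens the condition under which this function reports work available, but nothing in the hunk says how probes on `retry_stack` relate to those counted in `num_probes_waiting_retransmit`. A one-line comment beside the condition stating that retry_stack entries are not included in that counter would help the next reader; if they are in fact included, the new term is redundant and the loop fix should be sought elsewhere.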

If you have a Windows development environment set up, would you apply
this patch and see if it resolves the problem?  If you aren't set up
for that, just let me know and I'll build Windows binaries with the
patch.  The next release will contain the patch too.

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

