Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: New patch for XML output
From: "João Medeiros" <ignotus21 () gmail com>
Date: Fri, 14 Dec 2007 08:10:14 -0300

Hi David,

    I don't know if you the the topic [0] that I talk about the
problem. In it the reason to do this is explained. I don't understand
if you mean that is not necessary escape this, or if exists a better
way to solve the problem. If it's the first, please read the link

[0] http://seclists.org/nmap-dev/2007/q4/0572.html

Att, João Medeiros.

On Dec 14, 2007 4:32 AM, David Fifield <david () bamsoftware com> wrote:
On Wed, Dec 12, 2007 at 07:35:25AM -0300, Jo?o Medeiros wrote:
    Latter I see that osfingerprint write code don't use
xml_converter. Then, I do it and cut the start '\n'. The patch for
Nmap 4.49RC7 is attached.

--- nmap-4.49RC7/output.cc      2007-10-27 21:05:03.000000000 -0300
+++ nmap-4.49RC7/output.cc.new  2007-12-12 07:18:26.000000000 -0300
@@ -798,6 +798,15 @@
   for (p = temp;(prevch = ch, ch = *str);str++) {
     char *a;
     switch (ch) {
+    case '\t':
+      a = "&#x9;";
+      break;
+    case '\r':
+      a = "&#xd;";
+      break;
+    case '\n':
+      a = "&#xa;";
+      break;
     case '<':
       a = "&lt;";

I don't see any reason to escape '\t', '\r', and '\n'. Even inside
attribute values they are okay.

@@ -1559,11 +1568,11 @@
   } else { assert(0); }

   if (o.debugging || o.verbose) {
-    log_write(LOG_XML,"<osfingerprint fingerprint=\"\n%s\" />\n",
-             mergeFPs(FPR->FPs, FPR->numFPs, false,
+    log_write(LOG_XML,"<osfingerprint fingerprint=\"%s\" />\n",
+             xml_convert(mergeFPs(FPR->FPs, FPR->numFPs, false,
                       currenths->v4hostip(), distance, currenths->MACAddress(),
                       FPR->osscan_opentcpport, FPR->osscan_closedtcpport, FPR->osscan_closedudpport,
-                      false));
+                      false)));

   log_write(LOG_XML, "</os>\n");

xml_convert returns a pointer to dynamically allocated memory so you
have to call free on it after using.

OS fingerprints can't contain any forbidden characters at the moment,
but it's better to be safe than sorry. I committed a modified patch that
frees the allocated memory and doesn't remove the initial newline (I
think it looks better to keep it).

David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]