Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets
From: Fyodor <fyodor () insecure org>
Date: Wed, 23 Apr 2008 20:30:30 -0700

I just checked in this fix, which seems to fix the problem in my
testing.  I moved the Nmap srand to be much earlier in the code to
reduce the chances of it clobbering other srand() calls, and I also
made it unique from the srand() call used by nbase.  Thanks to Jah and
Brandon for your help.

Index: main.cc
===================================================================
--- main.cc     (revision 7181)
+++ main.cc     (working copy)
@@ -157,7 +157,6 @@
   char *endptr;
   int interactivemode = 0;
   int fd;
-  struct timeval tv;
   int arglen = 0;
 
 #ifdef __amigaos__
@@ -180,10 +179,6 @@
   mtrace();
 #endif
 
-  /* You never know when "random" numbers will come in handy ... */
-  gettimeofday(&tv, NULL);
-  srand((tv.tv_sec ^ tv.tv_usec) ^ getpid());
-
   /* Trap these sigs for cleanup */
 #if HAVE_SIGNAL
   signal(SIGINT, sigdie);
Index: nmap.cc
===================================================================
--- nmap.cc     (revision 7181)
+++ nmap.cc     (working copy)
@@ -505,6 +505,7 @@
   size_t sslen;
   int option_index;
   bool iflist = false;
+  struct timeval tv;
 
   // Pre-specified timing parameters.
   // These are stored here during the parsing of the arguments so that we can
@@ -647,6 +648,11 @@
   fakeargv[argc] = NULL;
 
   if (argc < 2 ) printusage(argv[0], -1);
+
+  /* You never know when "random" numbers will come in handy ... */
+  gettimeofday(&tv, NULL);
+  srand((tv.tv_sec ^ tv.tv_usec) ^ getpid() + 31337);
+
   Targets.reserve(100);
 #ifdef WIN32
   win_pre_init();
Index: CHANGELOG
===================================================================
--- CHANGELOG   (revision 7181)
+++ CHANGELOG   (working copy)
@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o Fix a bug in the nbase random number generator (and the way it
+  interacted with Nmap and MS Windows) which caused duplicates in some
+  instances.  Thanks to Jah for reporting the problem and working with
+  Brandon Enright and Fyodor and Kris to fix it.
+
 o The scan status message now shows correct elapsed times past 24
   minutes. Previously the hours would roll over prematurely. [David]
 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault