Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Bug in SMB when multiple scripts are connecting to same host
From: Ron <ron () skullsecurity net>
Date: Thu, 31 Mar 2011 14:00:01 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So, I ran into this issue earlier this week and it drove me crazy. Unfortunately, I didn't have email/Internet access 
on site so I couldn't try the patch. 

Since there's already a bug there, and it's pretty annoying, I say let's add this patch and, on the off chance that it 
breaks something, we deal with it then. :)

Ron

On Thu, 31 Mar 2011 13:54:39 -0500 Chris Woodbury <woodbusy () gmail com> wrote:
David-

Sorry for the delay in getting back to you. You make a good point
about the maintainability of all those unlocks. Fortunately, those
two functions are already wrapped by another one, start_session(), so
I've attached a patch that moves the mutex to that function. For good
measure, I also threw in some comments warning users away from
calling start_session_basic() and start_session_extended() directly.

-chris


On Tue, Mar 15, 2011 at 1:45 AM, David Fifield
<david () bamsoftware com>wrote:

On Mon, Feb 28, 2011 at 01:44:34PM -0600, Chris Woodbury wrote:
Ron-

Thanks for the response. Don't worry about the delay - 'better
late than never' is my motto ;). I hadn't thought of the lockout
implications of separate account lists; so, yes, you certainly
wouldn't want to go that route. With that in mind, I put some
more thought into it, and it seems
to
me that mutexes are the best approach.

I made a patch that adds mutexes to start_session_basic() and
start_session_extended(). My thinking was that the first script
to get
there
would be responsible for finding the right account (or exhausting
the possibilities), and that, once that was done, the other
scripts could
follow
along and already have that account waiting for their
get_account() call.
I
had to put in an "unlock" before each of the short-circuit
returns; so,
it's
not exactly pretty, but it gets the job done.

Could you rewrite this with wrapper functions to handle the
mutexes, so as to get rid of the need to unlock at every single
return? I'm afraid the way it's written now will be too hard to
maintain.

Ron, what do you think of Chris's solution?

David Fifield

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk2UzzQACgkQ2t2zxlt4g/Q2qQCgrcvL0BSyeI1kxDWxjzh6PWTs
eqEAnRMcbnV4S6c4DhrzkopZTMJPrz4W
=lJpO
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault