Re: script category selection bug - was: Script force
From: Patrick Donnelly <batrick () batbytes com>
Date: Mon, 5 Dec 2011 12:18:50 -0500
On Mon, Dec 5, 2011 at 10:38 AM, Djalal Harouni <tixxdz () opendz org> wrote:
> On Sat, Dec 03, 2011 at 10:41:47PM +0100, Martin Holst Swende wrote:
>> On 12/01/2011 11:47 PM, Djalal Harouni wrote:
>>> On Tue, Nov 29, 2011 at 03:11:32PM -0800, David Fifield wrote:
>>>> I also tried
>>>>     +(default or vuln)
>>>> I didn't really expect it to work. This was the output:
>>>> NSE: failed to initialize the script engine:
>>>> [string "rule"]:1: attempt to call a boolean value
>>>
>>> We can also support this but it will need more regexp checks, perhaps we
>>> should just let users specify "+default or +vuln" as suggested by
>>> I'll try to have a look at this error.
>>
>> Currently, there is an error since the globalized_rule is created on the
>> "+(default or vuln)" string instead of "(default or vuln)".
>> If the force-check/removal is moved up, it does not crash (but has no
>> effect - force is not used)
>> What happens currently is that the substring in globalize becomes empty,
>> since gsub will cut the input at first "(". This is the result:
>>     m("")(m("default") or m("vuln"))
>
> Yes the substring becomes empty but this will not trigger the bug.
> This bug was present before this patch, you can test it with this:
>     --script="foo(default and vuln)"

There is no vulnerability here. The parser should probably emit an
error but I'm not sure it's worth it.
- Patrick Donnelly
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/
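
The idea raised at the end of the message above, that the parser could emit an error, sketched as an added example (not Nmap's code and not written by anyone in this thread): a stand-alone Python check that rejects the two malformed rules quoted in the thread before they would be compiled. The grammar (names with an optional `+` prefix, `and`/`or`/`not`, parentheses) and the names `validate_rule` and `RuleError` are assumptions made for illustration.

```python
import re

KEYWORDS = {"and", "or", "not"}  # assumed lowercase boolean operators

class RuleError(ValueError):
    """Raised when a rule would not compile to a boolean expression."""

def validate_rule(rule):
    """Return the operand names found in `rule`, or raise RuleError."""
    # Parentheses are their own tokens; anything else is a run of non-space text.
    tokens = re.findall(r"[()]|[^\s()]+", rule)
    names, pos = [], 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None

    def take():
        nonlocal pos
        pos += 1
        return tokens[pos - 1]

    def factor():
        if peek() is None:
            raise RuleError("rule ends where a name was expected")
        tok = take()
        if tok == "not":
            return factor()
        if tok == "(":
            expr()
            if peek() != ")":
                raise RuleError("missing ')'")
            take()
            return
        if tok in KEYWORDS or tok == ")":
            raise RuleError(f"unexpected {tok!r}")
        if tok.lstrip("+") == "":
            raise RuleError("'+' must prefix a name, not a group")
        names.append(tok)

    def expr():
        factor()
        while peek() in ("and", "or"):
            take()
            factor()

    expr()
    if peek() is not None:
        # Covers "foo(default and vuln)": a name directly followed by "(".
        raise RuleError(f"unexpected {peek()!r} after a complete expression")
    return names
```

Both `foo(default and vuln)` and `+(default or vuln)` raise `RuleError` here, while `+default or +vuln` is accepted.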