Nmap Development mailing list archives

Minor bugs in nmap_fetchfile()


From: nnposter () users sourceforge net
Date: Mon, 20 Sep 2004 22:45:21 -0600

There are two minor bugs in nmap_fetchfile() (file 
nmap.cc):

1. Location specified in --datadir does not have an 
effective precedence over location specified in 
$NMAPDIR.

2. Location tested for real UID should be ~/nmap, not 
~/.nmap. (Assuming the EUID test and the docs are 
correct.)


The attached patches will:

- Correct the two bugs.

- Adjust "if" depth for EUID ~/nmap test to be 
consistent with other tests.

- Update description of --datadir in docs/nmap.1 to be 
more in line with the code.


--- nmap.cc.orig        2004-08-30 21:46:20.000000000 -0600
+++ nmap.cc     2004-09-07 11:41:01.915112800 -0600
@@ -1940,7 +1940,7 @@
     }
   }
 
-  if ((dirptr = getenv("NMAPDIR"))) {
+  if (!foundsomething && (dirptr = getenv("NMAPDIR"))) {
     res = snprintf(filename_returned, bufferlen, "%s/%s", dirptr, file);
     if (res > 0 && res < bufferlen) {
       if (fileexistsandisreadable(filename_returned))
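
Review bot: The new !foundsomething guard on the NMAPDIR test gives --datadir precedence only if the block above it sets foundsomething when it finds the file, and the three context lines at the top of this hunk do not show that. Worth confirming against the full function, and worth a one-line comment above this if stating the intended search order (--datadir first, then $NMAPDIR), since the short-circuit also means getenv("NMAPDIR") is no longer evaluated once a file has been found.
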
@@ -1951,12 +1951,13 @@
   if (!foundsomething) {
     pw = getpwuid(getuid());
     if (pw) {
-      res = snprintf(filename_returned, bufferlen, "%s/.nmap/%s", pw->pw_dir, file);
+      res = snprintf(filename_returned, bufferlen, "%s/nmap/%s", pw->pw_dir, file);
       if (res > 0 && res < bufferlen) {
        if (fileexistsandisreadable(filename_returned))
          foundsomething = 1;
       }
     }
+  }
     if (!foundsomething && getuid() != geteuid()) {
       pw = getpwuid(geteuid());
       if (pw) {
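
Review bot: Changing the real-UID path from "%s/.nmap/%s" to "%s/nmap/%s" means data files that users already keep in ~/.nmap stop being found, silently, with no fallback or message. Consider testing both locations for the real UID, or at least recording the change in the changelog. Separately, the } added just before the getuid() != geteuid() test moves that test out of the enclosing if, but the lines below it keep their old indentation; re-indent them in this patch so the layout matches the nesting.
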
@@ -1967,7 +1968,6 @@
        }
       }
     }
-  }
 #else
   if (!foundsomething) { /* Try the nMap directory */
          char fnbuf[MAX_PATH];
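
Review bot: The } removed here balances only together with the } added in the previous hunk, so the two must land as one change. The closing braces kept as context above the removed line are still indented for the old nesting level, so after this patch the EUID block reads as one level deeper than it is. Re-indent that block here rather than in a follow-up.
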
--- docs/nmap.1.orig    2004-08-29 02:55:50.000000000 -0600
+++ docs/nmap.1 2004-09-07 11:33:55.962623200 -0600
@@ -763,9 +763,11 @@
 nmap-services, nmap-protocols, nmap-rpc, and nmap-os-fingerprints.
 Nmap first searches these files in the directory option to --nmapdir.
 Any files not found there, are searched for in the directory specified
-by the NMAPDIR environmental variable.  Next comes ~/nmap, and then
-a compiled-in location such as /usr/share/nmap .  As a last resort,
-Nmap will look in the current directory.
+by the NMAPDIR environmental variable.  Next comes ~/nmap for both real
+and effective UIDs (POSIX systems only) or location of the nmap 
+executable (Win32 only), and then a compiled-in location such as 
+/usr/share/nmap.  As a last resort, Nmap will look in the current 
+directory.
 .TP
 .B TIMING OPTIONS
 Generally Nmap does a good job at adjusting for Network
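
Review bot: The unchanged context line "directory option to --nmapdir" still names the option as --nmapdir, while the patch description and the bug report call it --datadir; since this hunk is meant to bring the --datadir description in line with the code, fix that option name in the same edit. The added text also says "~/nmap for both real and effective UIDs" without giving the order; the code in nmap.cc tries the real UID first, and the man page should say so.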

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org


