Nmap Development mailing list archives

Re: Illegal character in hostname

From: David Fifield <david () bamsoftware com>
Date: Sat, 7 Jan 2012 20:42:32 -0800

On Sat, Jan 07, 2012 at 08:30:23PM +0100, Gisle Vanem wrote:

I found that nmap doesn't like IP-addresses that simply resolves to
a dot '.'. E.g. 77.247.181.164 -> '.'.

nmap spews out a lot of these lines when encountering such a name:
 Illegal character(s) in hostname -- replacing with '*'
 Illegal character(s) in hostname -- replacing with '*'
 Illegal character(s) in hostname -- replacing with '*'
 Illegal character(s) in hostname -- replacing with '*'
 Illegal character(s) in hostname -- replacing with '*
...

I think the function encoded_name_to_normal() in nmap_dns.cc
doesn't handle such "joke hostname"; it's stepping out-of-bounds.
A patch that works for me:

@@ -601,6 +602,13 @@
// a normal decimal separated hostname.
// ASSUMES NAME LENGTH/VALIDITY HAS ALREADY BEEN VERIFIED
static int encoded_name_to_normal(unsigned char *buf, char *output, int outputsize){
+
+  if (!buf[0]) {
+    *output++ = '.';
+    *output++ = '\0';
+    return 0;
+  }
+
  while (buf[0]) {
    if (buf[0] >= outputsize-1) return -1;
    memcpy(output, buf+1, buf[0]);


Thanks, that's a good bug you found. I added some more error checking
and committed r27778.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Illegal character in hostname Gisle Vanem (Jan 07)
- Re: Illegal character in hostname David Fifield (Jan 07)