Nmap Development mailing list archives
Re: [patch] More NSE bugfixes
From: Patrik Karlsson <patrik () cqure net>
Date: Mon, 4 Jun 2012 06:39:10 +0200
On Mon, Jun 4, 2012 at 4:36 AM, Daniel Miller <bonsaiviking () gmail com> wrote:
List,
Decided to hunt bugs again, by running a debugging scan on my network
(sudo ./nmap -A --script 'default or (safe and discovery)' -d5 -sU -sS
-sY --log-errors 192.168.1.0/24 -T4 -oA ../test). Here are the bugs I
came up with (patches attached):
Fix bug in traceroute-geolocation: ipops
./scripts/traceroute-geolocation.nse:100: variable 'ipops' is not
declared
stack traceback:
[C]: in function 'error'
./nselib/strict.lua:80: in function '__index'
./scripts/traceroute-geolocation.nse:100: in function
<./scripts/traceroute-geolocation.nse:82>
(...tail calls...)
----
Fix bug in dns.encodeFQDN
In lexmark-config.nse, dns.query is called with "" as the first
argument, which breaks dns.lua, resulting in this error:
./nselib/dns.lua:768: attempt to concatenate a nil value
stack traceback:
./nselib/dns.lua:768: in function 'encodeQuestions'
./nselib/dns.lua:848: in function 'encode'
./nselib/dns.lua:318: in function 'query'
./scripts/lexmark-config.nse:66: in function
<./scripts/lexmark-config.nse:56>
(...tail calls...)
Fixed by returning \0 byte from encodeFQDN if the name passed in is the
empty string. Not sure how this will work, but it shouldn't throw
exceptions, at least.
----
A change had left an undeclared variable, func. Fix was to strip out the
test for existence of func, since that logic was based on previously
loading the function from a file, instead of the current method of
indexing into an object to get the function. Error was:
./scripts/wsdd-discover.nse:53: variable 'func' is not declared
stack traceback:
[C]: in function 'error'
./nselib/strict.lua:80: in function '__index'
./scripts/wsdd-discover.nse:53: in function 'main'
./nse_main.lua:803: in function <./nse_main.lua:803>
---
Lastly, there's a bug with cups-queue-info (or possibly with the
ipp.lua library) that I can't hunt down at the moment. Perhaps with
access to a printer tomorrow I'll be able to hunt it down, but here's
the exception traceback:
NSE: 'cups-queue-info' (thread: 0xb04eae0) against 192.168.1.2:631
threw an error!
./scripts/cups-queue-info.nse:40: attempt to index upvalue 'ipp' (a
boolean value)
stack traceback:
./scripts/cups-queue-info.nse:40: in function
<./scripts/cups-queue-info.nse:39>
(...tail calls...)
Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Thanks Dan, for taking the time to find these!
I applied the patch and fixed the bug in the ipp.lua library, turned out it
was missing a return _ENV; at the end.

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
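An added illustration, not part of either message and not Nmap's own code: in Lua 5.2, `require` records `true` for a module whose chunk returns nothing, which is consistent with the "attempt to index upvalue 'ipp' (a boolean value)" traceback above and with the missing `return _ENV` fix. The module names `ipp_broken` and `ipp_fixed` and the helper `new_module_env` are hypothetical stand-ins for a library file and its environment setup.

```lua
-- Added illustration; module names "ipp_broken"/"ipp_fixed" are hypothetical.
-- Requires Lua 5.2 or later (relies on _ENV).

-- Stand-in for the environment table a library sets up for itself:
-- a fresh table that falls back to the globals.
local function new_module_env()
  return setmetatable({}, { __index = _G })
end

-- Library whose chunk ends without a return statement.
package.preload["ipp_broken"] = function()
  local _ENV = new_module_env()
  function version() return "1.1" end  -- stored in the module table
  -- no "return _ENV" here, so require() falls back to the value true
end

-- Same library with the final return in place.
package.preload["ipp_fixed"] = function()
  local _ENV = new_module_env()
  function version() return "1.1" end
  return _ENV
end

-- Load a library and call into it from a nested function, so the library
-- handle is an upvalue, as it is inside a script's action function.
local function probe(name)
  local lib = require(name)
  local ok, result = pcall(function() return lib.version() end)
  return type(lib), ok, result
end

for _, name in ipairs({ "ipp_broken", "ipp_fixed" }) do
  local kind, ok, result = probe(name)
  print(string.format("%-10s require() -> %-7s call ok=%-5s %s",
    name, kind, tostring(ok), tostring(result)))
end
```

Loading the library itself succeeds in both cases; the broken variant only fails later, at the first field access inside the calling script, so the traceback points at the script rather than at the library file.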
