PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Avoid TOCTOU by checking discovery state in mssql.Discover

Browse Source 
A script might check WasDiscoveryPerformed and get a negative response,
then call Discover, during which time another script already called
Discover. Instead, check the condition *after* acquiring the mutex.
This commit is contained in:
dmiller
2021-12-15 23:44:41 +00:00
parent 0b7dc80349
commit 02c0354744
3 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/ms-sql-dac.nse
View File

@@ -76,9 +76,7 @@ action = function( host )
local status, instanceList = mssql.Helper.GetTargetInstances( host )
-- if no instances were targeted, then display info on all
if ( not status ) then
if ( not mssql.Helper.WasDiscoveryPerformed( host ) ) then
mssql.Helper.Discover( host )
end
mssql.Helper.Discover( host )
instanceList = mssql.Helper.GetDiscoveredInstances( host )
end

4
scripts/ms-sql-info.nse
View File

@@ -254,9 +254,7 @@ action = function( host )
local status, instanceList = mssql.Helper.GetTargetInstances( host )
-- if no instances were targeted, then display info on all
if ( not status ) then
if ( not mssql.Helper.WasDiscoveryPerformed( host ) ) then
mssql.Helper.Discover( host )
end
mssql.Helper.Discover( host )
instanceList = mssql.Helper.GetDiscoveredInstances( host )
end