From 03946ba2f5c72d6fa7f9d443310c82ba7d9f573b Mon Sep 17 00:00:00 2001
From: david
Date: Wed, 31 Oct 2012 16:09:47 +0000
Subject: [PATCH] Return -1 instead of calling pfatal in nmap_raw_socket. There was one case where we previously didn't fatal, in nse_dnet.cc. Move the fatal calls out of nmap_raw_socket and into the calling scope, with the exception of the one in nse_dnet.cc. The problem was reported by Rob Nicholls. http://seclists.org/nmap-dev/2012/q4/186
---
 FPEngine.cc | 2 ++
 idle_scan.cc | 2 ++
 osscan2.cc | 2 ++
 scan_engine.cc | 2 ++
 tcpip.cc | 5 +++--
 traceroute.cc | 2 ++
 6 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/FPEngine.cc b/FPEngine.cc
index 9d437d472..6ee9883ae 100644
--- a/FPEngine.cc
+++ b/FPEngine.cc
@@ -187,6 +187,8 @@ void FPNetworkControl::init(const char *ifname, devtype iftype) {
 if (this->rawsd >= 0)
 close(this->rawsd);
 rawsd = nmap_raw_socket(ifname);
+ if (rawsd < 0)
+ pfatal("Couldn't obtain raw socket in %s", __func__);
 }
 /* De-register existing callers */
diff --git a/idle_scan.cc b/idle_scan.cc
index 557a6e885..69ad4f247 100644
--- a/idle_scan.cc
+++ b/idle_scan.cc
@@ -383,6 +383,8 @@ static void initialize_idleproxy(struct idle_proxy_info *proxy, char *proxyName,
 proxy->ethptr = &proxy->eth;
 } else {
 proxy->rawsd = nmap_raw_socket(proxy->host.deviceName());
+ if (proxy->rawsd < 0)
+ pfatal("socket troubles in %s", __func__);
 unblock_socket(proxy->rawsd);
 proxy->eth.ethsd = NULL;
 proxy->ethptr = NULL;
diff --git a/osscan2.cc b/osscan2.cc
index e2b429ec7..5b8737e3b 100644
--- a/osscan2.cc
+++ b/osscan2.cc
@@ -1268,6 +1268,8 @@ HostOsScan::HostOsScan(Target *t) {
 rawsd = -1;
 } else {
 rawsd = nmap_raw_socket(t->deviceName());
+ if (rawsd < 0)
+ pfatal("socket troubles in %s", __func__);
 unblock_socket(rawsd);
 ethsd = NULL;
 }
diff --git a/scan_engine.cc b/scan_engine.cc
index 073e22f65..9bfffdf32 100644
--- a/scan_engine.cc
+++ b/scan_engine.cc
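Review bot: The failure message added after `nmap_raw_socket()` differs between callers: the FPEngine.cc hunk uses `"Couldn't obtain raw socket in %s"`, the idle_scan.cc, osscan2.cc and scan_engine.cc hunks reuse the old `"socket troubles in %s"`, and the traceroute.cc hunk drops `__func__` altogether. Raw-socket creation typically fails for lack of privileges, so the more descriptive wording is the one that helps a user diagnose the failure. I would use `pfatal("Couldn't obtain raw socket in %s", __func__);` in all five callers. The enclosing functions start and end outside each hunk.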
@@ -1662,6 +1662,8 @@ void UltraScanInfo::Init(std::vector &Targets, struct scan_lists *pts,
 rawsd = -1;
 } else {
 rawsd = nmap_raw_socket(Targets[0]->deviceName());
+ if (rawsd < 0)
+ pfatal("socket troubles in %s", __func__);
 /* We do not wan't to unblock the socket since we want to wait if kernel send buffers fill up rather than get ENOBUF, and we won't be receiving on the socket anyway
diff --git a/tcpip.cc b/tcpip.cc
index c91720764..ac31b8920 100644
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -155,8 +155,9 @@ int nmap_raw_socket(const char *warning_device_name) {
 #ifdef WIN32
 win32_fatal_raw_sockets(warning_device_name);
 #endif
- if ((rawsd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0 )
- pfatal("socket troubles in %s", __func__);
+ rawsd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ if (rawsd < 0)
+ return rawsd;
 broadcast_socket(rawsd);
 #ifndef WIN32
 sethdrinclude(rawsd);
diff --git a/traceroute.cc b/traceroute.cc
index 7a9a6a1c7..a61ef2303 100644
--- a/traceroute.cc
+++ b/traceroute.cc
@@ -879,6 +879,8 @@ TracerouteState::TracerouteState(std::vector &targets) {
 rawsd = -1;
 } else {
 rawsd = nmap_raw_socket(targets[0]->deviceName());
+ if (rawsd < 0)
+ pfatal("traceroute: socket troubles");
 ethsd = NULL;
 }
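Review bot: In the tcpip.cc hunk `nmap_raw_socket()` changes from never returning on failure to returning a negative value, but no comment in the visible lines records the new contract. A caller outside this patch (the description names nse_dnet.cc) therefore has nothing telling it to check the result before passing the descriptor on. I would add above the function `/* Returns the raw socket descriptor, or -1 if socket() fails; errno is left as socket() set it and the caller must check. */` and write `return -1;` instead of `return rawsd;` so the value matches the commit subject on every platform. The function body starts and ends outside the hunk, so whether a header comment already exists is not visible here.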