PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-23 16:09:02 +00:00
Code Issues Projects Releases Wiki Activity

Fix a bug which would cause Nmap to crash with the message 'log_vwrite: write buffer not large enough'

Browse Source
This commit is contained in:
fyodor
2006-08-24 06:41:14 +00:00
parent a403864351
commit 11d0a44332
2 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG
View File

@@ -19,6 +19,11 @@ o Applied some nsock bugfixes from Diman Todorov. These don't
affect the current version of Nmap, but are important for his upcoming affect the current version of Nmap, but are important for his upcoming
Nmap Scripting Engine. Nmap Scripting Engine.
o Fixed a bug which would occasionally cause Nmap to crash with the
message "log_vwrite: write buffer not large enough". I thought I
conquered it in a previous release -- thanks to Doug Hoyte for finding a
corner case which proved me wrong.
o Integrated all 2nd quarter service detection fingerprint o Integrated all 2nd quarter service detection fingerprint
submissions. Please keep them coming! We now have 3,671 signatures submissions. Please keep them coming! We now have 3,671 signatures
representing 415 protocols. Thanks to version detection czar Doug representing 415 protocols. Thanks to version detection czar Doug

16
output.cc
View File

@@ -675,12 +675,14 @@ char* xml_convert (const char* str) {
va_start() AND va_end() calls. */ va_start() AND va_end() calls. */
void log_vwrite(int logt, const char *fmt, va_list ap) { void log_vwrite(int logt, const char *fmt, va_list ap) {
static char *writebuf = NULL; static char *writebuf = NULL;
int writebuflen = 65536; int writebuflen = 8192;
bool skid_noxlate = false; bool skid_noxlate = false;
int rc = 0; int rc = 0;
int len; int len;
int fileidx = 0; int fileidx = 0;
int l; int l;
va_list apcopy;
/* Account for extended output under high debugging/verbosity */ /* Account for extended output under high debugging/verbosity */
if (o.debugging > 2 || o.verbose > 2) if (o.debugging > 2 || o.verbose > 2)
@@ -708,6 +710,7 @@ void log_vwrite(int logt, const char *fmt, va_list ap) {
case LOG_MACHINE: case LOG_MACHINE:
case LOG_SKID: case LOG_SKID:
case LOG_XML: case LOG_XML:
va_copy(apcopy, ap); /* Needed in case we need to so a second vnsprintf */
l = logt; l = logt;
fileidx = 0; fileidx = 0;
while ((l&1)==0) { fileidx++; l>>=1; } while ((l&1)==0) { fileidx++; l>>=1; }
@@ -715,14 +718,22 @@ void log_vwrite(int logt, const char *fmt, va_list ap) {
if (o.logfd[fileidx]) { if (o.logfd[fileidx]) {
len = vsnprintf(writebuf, writebuflen, fmt, ap); len = vsnprintf(writebuf, writebuflen, fmt, ap);
if (len == 0) { if (len == 0) {
va_end(apcopy);
return; return;
} else if (len < 0) { } else if (len < 0) {
fprintf(stderr, "vnsprintf returned %d in %s -- bizarre. Quitting.\n", len, __FUNCTION__); fprintf(stderr, "vnsprintf returned %d in %s -- bizarre. Quitting.\n", len, __FUNCTION__);
exit(1); exit(1);
} else if (len >= writebuflen) { } else if (len >= writebuflen) {
fprintf(stderr, "%s: write buffer not large enough -- need to increase from %d to at least %d (logt == %d). Please email this message to fyodor@insecure.org. Quitting.\n", __FUNCTION__, writebuflen, len, logt); /* Didn't have enough space. Expand writebuf and try again */
free(writebuf);
writebuflen = len + 1024;
writebuf = (char *) safe_malloc(writebuflen);
len = vsnprintf(writebuf, writebuflen, fmt, apcopy);
if (len <= 0 || len >= writebuflen) {
fprintf(stderr, "%s: vnsprintf failed. Even after increasing bufferlen to %d, vsnprintf returned %d (logt == %d). Please email this message to fyodor@insecure.org. Quitting.\n", __FUNCTION__, writebuflen, len, logt);
exit(1); exit(1);
} }
}
if (logt == LOG_SKID && !skid_noxlate) if (logt == LOG_SKID && !skid_noxlate)
skid_output(writebuf); skid_output(writebuf);
rc = fwrite(writebuf,len,1,o.logfd[fileidx]); rc = fwrite(writebuf,len,1,o.logfd[fileidx]);
@@ -730,6 +741,7 @@ void log_vwrite(int logt, const char *fmt, va_list ap) {
fprintf(stderr, "Failed to write %d bytes of data to (logt==%d) stream. fwrite returned %d. Quitting.\n", len, logt, rc); fprintf(stderr, "Failed to write %d bytes of data to (logt==%d) stream. fwrite returned %d. Quitting.\n", len, logt, rc);
exit(1); exit(1);
} }
va_end(apcopy);
} }
break; break;