Fixed a bunch of errors related to inproper responses from webservers.

2026-01-06 06:29:03 +00:00 · 2012-08-31 15:17:14 +00:00
parent b14a8518a3
commit 13411ab6d1
6 changed files with 29 additions and 3 deletions
--- a/scripts/http-affiliate-id.nse
+++ b/scripts/http-affiliate-id.nse
@@ -91,6 +91,10 @@ portaction = function(host, port)
 	local url_path = stdnse.get_script_args("http-affiliate-id.url-path") or "/"
 	local body = http.get(host, port, url_path).body

+	if ( not(body) ) then
+		return
+	end
+
 	-- Here goes affiliate matching
 	for name, re in pairs(AFFILIATE_PATTERNS) do
 		local regex = pcre.new(re, 0, "C")
--- a/scripts/http-generator.nse
+++ b/scripts/http-generator.nse
@@ -78,6 +78,7 @@ action = function(host, port)
             end)

   response = follow_redirects(host, port, path, redirects)
-   return response.body:match(pattern)
-
+   if ( response and response.body ) then
+     return response.body:match(pattern)
+   end
 end
--- a/scripts/http-slowloris-check.nse
+++ b/scripts/http-slowloris-check.nse
@@ -65,6 +65,10 @@ local TimeWith 	  -- time with additional headers

 -- does a half http request and waits until timeout 
 local function slowThread1(host,port)
+	-- if no response was received when determining SSL
+	if ( Bestopt == "none" ) then
+		return
+	end
 	local socket,status
 	local catch = function()
 		TimeWithout = nmap.clock()
@@ -81,6 +85,10 @@ end
 -- does a half http request but sends another 
 -- header value after 10 seconds
 local function slowThread2(host,port)
+	-- if no response was received when determining SSL
+	if ( Bestopt == "none" ) then
+		return
+	end
 	local socket,status
 	local catch = function()
 		-- note the time the socket timedout
@@ -135,6 +143,9 @@ so, it starves the http server's resources causing Denial Of Service.
 		stdnse.sleep(1)
 	end
 	-- compare times
+	if ( not(TimeWith) or not(TimeWithout) ) then
+		return
+	end
 	local diff = TimeWith - TimeWithout 
 	stdnse.print_debug("Time difference is: %d",diff)
 	-- if second connection died 10 or more seconds after the first 
--- a/scripts/http-title.nse
+++ b/scripts/http-title.nse
@@ -51,6 +51,10 @@ action = function(host, port)
    end
  end

+  if ( not(resp.body) ) then
+    return
+  end
+
  -- try and match title tags
  title = string.match(resp.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)</[Tt][Ii][Tt][Ll][Ee]>")

--- a/scripts/http-trace.nse
+++ b/scripts/http-trace.nse
@@ -37,7 +37,9 @@ portrule = shortport.http
 --@param response_headers The HTTP response headers 
 local validate = function(response, response_headers)
  local output_lines = {}
-
+  if ( not(response) ) then
+    return
+  end
  if not(response:match("HTTP/1.[01] 200") or response:match("TRACE / HTTP/1.[01]")) then
    return
  else