mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00

Added a maximum number of retries to mitigate a remote DoS in the RPC

packet-parsing code. The number was chosen high to avoid decreasing
accuracy. It's just about having an upper limit.
henri
2012-10-20 14:59:53 +00:00
parent 8430ba2792
commit 16ea382e9b


@@ -408,7 +408,12 @@ Comm = {
local tmp, lastfragment, length local tmp, lastfragment, length
local data, pos = "", 1 local data, pos = "", 1
-- Maximum number of allowed attempts to parse the received bytes. This
-- prevents the code from looping endlessly on invalid content.
local retries = 400
repeat repeat
retries = retries - 1
lastfragment = false lastfragment = false
status, data = self:GetAdditionalBytes( data, pos, 4 ) status, data = self:GetAdditionalBytes( data, pos, 4 )
if ( not(status) ) then if ( not(status) ) then
@@ -453,7 +458,11 @@ Comm = {
pos = pos + length pos = pos + length
data = bufcopy data = bufcopy
until lastfragment == true until (lastfragment == true) or (retries == 0)
if retries == 0 then
return false, "Aborted after too many retries"
end
return true, data return true, data
end end
end, end,
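Review bot: In the second hunk, the post-loop check `if retries == 0 then` also fires when the last fragment arrives on the final permitted iteration, so a completely reassembled message is thrown away with "Aborted after too many retries". Testing the loop's real exit condition avoids that edge case: `if not lastfragment then return false, "Aborted after too many retries" end`. The cap of 400 counts loop iterations rather than accumulated bytes; whether the per-fragment `length` is bounded is not visible in these hunks, so a total-size limit on `data` may still be worth confirming. The literal 400 would also read better as a named constant next to the comment that explains it. The loop body between the two hunks and the enclosing function lie outside the visible lines.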