From 19da29942c7d116a474083cc98c94638a14b6dd8 Mon Sep 17 00:00:00 2001 From: patrik Date: Mon, 9 May 2011 17:46:25 +0000 Subject: [PATCH] Applied Sebastian Dragomir's patch for the "Unbounded memory use" bug reported by David Fifield http://seclists.org/nmap-dev/2011/q2/451 --- nselib/drda.lua | 2 +- nselib/giop.lua | 2 +- nselib/informix.lua | 2 +- nselib/iscsi.lua | 2 +- nselib/nrpc.lua | 2 +- nselib/tns.lua | 2 +- nselib/vnc.lua | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/nselib/drda.lua b/nselib/drda.lua index d1a940d76..a896d3201 100644 --- a/nselib/drda.lua +++ b/nselib/drda.lua @@ -767,7 +767,7 @@ DB2Socket = { if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/giop.lua b/nselib/giop.lua index 1e20ef8aa..0843ab584 100644 --- a/nselib/giop.lua +++ b/nselib/giop.lua @@ -468,7 +468,7 @@ Socket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/informix.lua b/nselib/informix.lua index f1ce41a70..5b5691aa7 100644 --- a/nselib/informix.lua +++ b/nselib/informix.lua @@ -177,7 +177,7 @@ Socket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/iscsi.lua b/nselib/iscsi.lua index 0f7265cd9..b55d42fb1 100644 --- a/nselib/iscsi.lua +++ b/nselib/iscsi.lua @@ -513,7 +513,7 @@ Socket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/nrpc.lua b/nselib/nrpc.lua index a0b752891..dbdf829c2 100644 --- a/nselib/nrpc.lua +++ b/nselib/nrpc.lua @@ -125,7 +125,7 @@ DominoSocket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/tns.lua b/nselib/tns.lua index 37f0ce0e6..4db70f68c 100644 --- a/nselib/tns.lua +++ b/nselib/tns.lua @@ -1205,7 +1205,7 @@ TNSSocket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data diff --git a/nselib/vnc.lua b/nselib/vnc.lua index 533d81979..09564a27d 100644 --- a/nselib/vnc.lua +++ b/nselib/vnc.lua @@ -366,7 +366,7 @@ VNCSocket = if ( #self.Buffer < count ) then status, data = self.Socket:receive_bytes( count - #self.Buffer ) - if ( not(status) ) then + if ( not(status) or #data < count - #self.Buffer ) then return false, data end self.Buffer = self.Buffer .. data