PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 22:21:29 +00:00
Code Issues Projects Releases Wiki Activity

Fix off-by-one bug when parsing MySQL EOF packet. Fixes #2128

Browse Source
This commit is contained in:
nnposter
2020-10-08 17:56:18 +00:00
parent c8450d4d0c
commit 1d4d3536e3
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -3,6 +3,9 @@
o [NSE][GH#2136][GH#2137] Rectify error "time result cannot be represented..." o [NSE][GH#2136][GH#2137] Rectify error "time result cannot be represented..."
in the AFP library. [Clément Notin] in the AFP library. [Clément Notin]
o [NSE][GH#2128] MySQL library was not properly parsing server responses,
resulting in script crashes. [nnposter]
o [NSE] Script mysql-audit now defaults to the bundled mysql-cis.audit for o [NSE] Script mysql-audit now defaults to the bundled mysql-cis.audit for
the audit rule base. [nnposter] the audit rule base. [nnposter]

2
nselib/mysql.lua
View File

@@ -384,7 +384,7 @@ function decodeQueryResponse( socket )
-- Is this the EOF packet? -- Is this the EOF packet?
if b == EOF_MARKER then if b == EOF_MARKER then
-- we don't want the EOF Packet included -- we don't want the EOF Packet included
block_end = pos - HEADER_SIZE block_end = pos - HEADER_SIZE - 1
pos = pos + header.len pos = pos + header.len
break break
end end