From 2532c413b5efbcd949aafc43dfce89c7094656a4 Mon Sep 17 00:00:00 2001
From: david
Date: Tue, 10 Jan 2012 03:25:19 +0000
Subject: [PATCH] o [NSE] Fixed a race condition in broadcast-dhcp-discover.nse that could cause responses to be missed on fast networks. It was noticed by Vasiliy Kulikov. [David]
---
 CHANGELOG | 4 ++++
 scripts/broadcast-dhcp-discover.nse | 19 ++++++++++---------
 2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 9ff22738d..654bad82a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o [NSE] Fixed a race condition in broadcast-dhcp-discover.nse that
+  could cause responses to be missed on fast networks. It was noticed
+  by Vasiliy Kulikov. [David]
+
 o Added IPv6 support to firewalk.nse. [Henri]
 o Fixed a bug in reverse name resolution: a name of "." would leave
diff --git a/scripts/broadcast-dhcp-discover.nse b/scripts/broadcast-dhcp-discover.nse
index f188bb403..826a571e4 100644
--- a/scripts/broadcast-dhcp-discover.nse
+++ b/scripts/broadcast-dhcp-discover.nse
@@ -80,12 +80,10 @@ end
 -- @param timeout number of ms to wait for a response
 -- @param xid the DHCP transaction id
 -- @param result a table to which the result is written
-local function dhcp_listener(iface, timeout, xid, result)
-  local sock = nmap.new_socket()
+local function dhcp_listener(sock, timeout, xid, result)
   local condvar = nmap.condvar(result)
   sock:set_timeout(100)
-  sock:pcap_open(iface, 1500, false, "ip && udp && port 68")
   local start_time = nmap.clock_ms()
   while( nmap.clock_ms() - start_time < timeout ) do
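Review bot: The new first parameter `sock` of `dhcp_listener` is undocumented, and the LDoc block above the hunk still describes the old signature: the `@param iface` entry that presumably precedes the visible `@param timeout` line is now stale, since the interface is no longer passed. Suggest replacing it with `-- @param sock a pcap socket the caller has already opened on the interface to capture; the listener owns it and must close it before returning`. The ownership statement is the part worth pinning down: `action` now creates one pcap socket per interface and never closes it, so if the listener body — which continues past the hunk — does not close `sock` on every exit path (timeout as well as a matching reply), each script run leaks one capture handle per interface. Since the filter string `"ip && udp && port 68"` has moved to the caller, a one-line note at the top of the loop body that replies are matched against `xid` rather than the filter would also help the next reader.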
@@ -158,20 +156,23 @@ action = function()
   local status, packet = dhcp.dhcp_build(request_type, ip_address, mac, nil, request_options, overrides, lease_time, transaction_id)
   if (not(status)) then return "\n ERROR: Failed to build packet" end
-  local socket = nmap.new_socket("udp")
-  socket:bind(nil, 68)
-  socket:sendto( host, port, packet )
-  socket:close()
-
   local threads = {}
   local result = {}
   local condvar = nmap.condvar(result)
   -- start a listening thread for each interface
   for iface, _ in pairs(interfaces) do
-    local co = stdnse.new_thread( dhcp_listener, iface, timeout, transaction_id, result )
+    local sock, co
+    sock = nmap.new_socket()
+    sock:pcap_open(iface, 1500, false, "ip && udp && port 68")
+    co = stdnse.new_thread( dhcp_listener, sock, timeout, transaction_id, result )
     threads[co] = true
   end
+
+  local socket = nmap.new_socket("udp")
+  socket:bind(nil, 68)
+  socket:sendto( host, port, packet )
+  socket:close()
   -- wait until all threads are done
   repeat
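Review bot: `sock:pcap_open(iface, 1500, false, "ip && udp && port 68")` now runs in the main `action` coroutine rather than inside the listener thread, so if the nsock binding raises on an interface it cannot capture on (as I believe it does — insufficient privilege, or an interface from the list that has since gone away), the whole script aborts before any DHCPDISCOVER is sent, where previously only that interface's thread would have died. The open should be wrapped in `pcall`, the failure reported at debug level, and that interface skipped so the others still get a listener. The moved send path has the same gap it had before the move: `socket:bind(nil, 68)` and `socket:sendto(...)` return `status, err` that are never checked, and port 68 is privileged and commonly held by a running DHCP client, so a failed bind or send leaves every listener waiting out the full `timeout` for a request that never reached the wire; `action` should check both and return the error. The listener threads that are already running will time out on their own in that case, which is acceptable. The loop body ends inside the hunk; `action` itself begins before it and continues past `repeat`.

```lua
  for iface, _ in pairs(interfaces) do
    local sock = nmap.new_socket()
    -- pcap_open raises on failure; one bad interface must not abort the whole script
    local ok, err = pcall(sock.pcap_open, sock, iface, 1500, false, "ip && udp && port 68")
    if ok then
      local co = stdnse.new_thread( dhcp_listener, sock, timeout, transaction_id, result )
      threads[co] = true
    else
      stdnse.print_debug(1, "pcap_open failed on interface %s: %s", iface, tostring(err))
    end
  end

  local socket = nmap.new_socket("udp")
  local ok, err = socket:bind(nil, 68)
  if not ok then return "\n ERROR: Failed to bind to port 68: " .. tostring(err) end
  ok, err = socket:sendto( host, port, packet )
  socket:close()
  if not ok then return "\n ERROR: Failed to send request: " .. tostring(err) end
  -- … unchanged: wait until all threads are done …
```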