Match icmpid in icmp_probe_match.

Remainder of Chris Johnson's patch from http://seclists.org/nmap-dev/2013/q3/296. Previously, Nmap could match replies that came in response to an original probe, with one of the retransmissions of the probe. One effect was that latency would be measured to be smaller than it should. Chris Johnson summarized the problem and showed how to reproduce it at http://seclists.org/nmap-dev/2013/q3/113.
2025-12-27 01:49:03 +00:00 · 2013-08-17 02:18:09 +00:00
parent 4b47eae996
commit 262c147308
1 changed files with 4 additions and 0 deletions
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -2583,6 +2583,10 @@ static bool icmp_probe_match(const UltraScanInfo *USI, const UltraProbe *probe,
      probe->ipid() == ipid)
    return false; /* We saw the packet we ourselves sent */

+  /* Check that the randomly-generated ping ident matches. */
+  if (ntohs(ping->id) != probe->icmpid())
+    return false;
+
  return true;
 }