mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00

Avoid copying target/source addr data when a pointer will do

dmiller
2022-10-31 20:50:19 +00:00
parent 188a3acade
commit 3c6c84b5f7
7 changed files with 81 additions and 159 deletions


@@ -1694,9 +1694,7 @@ int FPHost6::build_probe_list() {
"\x03\x03\x0f\x01\x02\x04\x01\x09\x08\x0A\xff\xff\xff\xff\x00\x00\x00\x00\x04\x02", 20 },
};
sockaddr_storage ss;
size_t slen = 0;
sockaddr_in6 *ss6 = (sockaddr_in6 *)&ss;
const sockaddr_in6 *ss6 = NULL;
IPv6Header *ip6;
ICMPv6Header *icmp6;
UDPHeader *udp;
@@ -1748,9 +1746,9 @@ int FPHost6::build_probe_list() {
icmp6 = new ICMPv6Header();
hopbyhop1 = new HopByHopHeader();
payload = new RawData();
this->target_host->SourceSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->SourceSockAddr();
ip6->setSourceAddress(ss6->sin6_addr);
this->target_host->TargetSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->TargetSockAddr();
ip6->setDestinationAddress(ss6->sin6_addr);
ip6->setFlowLabel(OSDETECT_FLOW_LABEL);
ip6->setHopLimit(get_hoplimit());
@@ -1781,9 +1779,9 @@ int FPHost6::build_probe_list() {
hopbyhop2 = new HopByHopHeader();
icmp6 = new ICMPv6Header();
payload = new RawData();
this->target_host->SourceSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->SourceSockAddr();
ip6->setSourceAddress(ss6->sin6_addr);
this->target_host->TargetSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->TargetSockAddr();
ip6->setDestinationAddress(ss6->sin6_addr);
ip6->setFlowLabel(OSDETECT_FLOW_LABEL);
ip6->setHopLimit(get_hoplimit());
@@ -1818,9 +1816,9 @@ int FPHost6::build_probe_list() {
) {
ip6 = new IPv6Header();
icmp6 = new ICMPv6Header();
this->target_host->SourceSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->SourceSockAddr();
ip6->setSourceAddress(ss6->sin6_addr);
this->target_host->TargetSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->TargetSockAddr();
ip6->setDestinationAddress(ss6->sin6_addr);
ip6->setFlowLabel(OSDETECT_FLOW_LABEL);
/* RFC 2461 section 7.1.1: "A node MUST silently discard any received
@@ -1848,9 +1846,9 @@ int FPHost6::build_probe_list() {
ip6 = new IPv6Header();
udp = new UDPHeader();
payload = new RawData();
this->target_host->SourceSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->SourceSockAddr();
ip6->setSourceAddress(ss6->sin6_addr);
this->target_host->TargetSockAddr(&ss, &slen);
ss6 = (const sockaddr_in6 *) this->target_host->TargetSockAddr();
ip6->setDestinationAddress(ss6->sin6_addr);
ip6->setFlowLabel(OSDETECT_FLOW_LABEL);
ip6->setHopLimit(get_hoplimit());
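Review bot: In FPHost6::build_probe_list the single `ss6` variable is reassigned from `SourceSockAddr()` to `TargetSockAddr()` in each of the four probe-building hunks, so a reader has to track which address it currently holds, and the C-style cast is repeated eight times. Since both accessors now return pointers instead of filling a buffer, two named locals set once near the declarations would read more clearly, e.g. `const sockaddr_in6 *src6 = (const sockaddr_in6 *) this->target_host->SourceSockAddr();` and a matching `dst6`, assuming the target's addresses do not change while the list is built. The cast also relies on both addresses being AF_INET6, and nothing in the visible hunks checks the family, so a one-line comment or assert stating that invariant would help. The function body starts and ends outside these hunks.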


@@ -197,8 +197,7 @@ static int ipid_proxy_probe(struct idle_proxy_info *proxy, int *probes_sent,
static int packet_send_count = 0; /* Total # of probes sent by this program -- to ensure that our sequence # always changes */
u32 packetlen = 0;
u8 *ipv6_packet = NULL;
struct sockaddr_storage ss;
size_t sslen;
const struct sockaddr_storage *ss;
struct ip6_hdr *ip6 = NULL;
const void *ipv6_data;
u8 hdr;
@@ -237,8 +236,8 @@ static int ipid_proxy_probe(struct idle_proxy_info *proxy, int *probes_sent,
(u8 *) TCP_SYN_PROBE_OPTIONS, TCP_SYN_PROBE_OPTIONS_LEN,
NULL, 0,
&packetlen);
proxy->host.TargetSockAddr(&ss, &sslen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, &ss, ipv6_packet, packetlen);
ss = proxy->host.TargetSockAddr();
res = send_ip_packet(proxy->rawsd, proxy->ethptr, ss, ipv6_packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send IPv6 packet");
free(ipv6_packet);
@@ -374,8 +373,7 @@ static void ipv6_force_fragmentation(struct idle_proxy_info *proxy, Target *targ
u32 packetlen = 0;
u16 pingid = 0;
u16 seq = 0;
struct sockaddr_storage ss;
size_t sslen;
const struct sockaddr_storage *ss;
int res;
assert(proxy);
@@ -394,9 +392,9 @@ static void ipv6_force_fragmentation(struct idle_proxy_info *proxy, Target *targ
log_write(LOG_STDOUT, "Packet capture filter (device %s): %s\n", proxy->host.deviceFullName(), filter);
/* Make a ping that is in total 1280 byte long and send it */
proxy->host.TargetSockAddr(&ss, &sslen);
ss = proxy->host.TargetSockAddr();
ipv6_packet = build_icmpv6_raw(proxy->host.v6sourceip(), proxy->host.v6hostip(), 0x00, 0x0000, o.ttl, seq , pingid, ICMPV6_ECHO, 0x00, data, sizeof(data) , &packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, &ss, ipv6_packet, packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, ss, ipv6_packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send ICMPv6 Echo Request to the idle host");
free(ipv6_packet);
@@ -436,7 +434,7 @@ static void ipv6_force_fragmentation(struct idle_proxy_info *proxy, Target *targ
memcpy(&data[4], ip, sizeof(data)-4);
ipv6_packet = build_icmpv6_raw(proxy->host.v6sourceip(), proxy->host.v6hostip(), 0x00, 0x0000, o.ttl, 0x00 , 0x00, 0x02, 0x00, data, sizeof(data) , &packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, &ss, ipv6_packet, packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, ss, ipv6_packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send spoofed ICMPv6 Echo Request to the idle host");
@@ -449,7 +447,7 @@ static void ipv6_force_fragmentation(struct idle_proxy_info *proxy, Target *targ
seq = get_random_u16();
ipv6_packet = build_icmpv6_raw(target->v6hostip(), proxy->host.v6hostip(), 0x00, 0x0000, o.ttl, seq , pingid, ICMPV6_ECHO, 0x00, data, sizeof(data) , &packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, &ss, ipv6_packet, packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, ss, ipv6_packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send ICMPv6 Echo Request to the idle host");
@@ -464,7 +462,7 @@ static void ipv6_force_fragmentation(struct idle_proxy_info *proxy, Target *targ
ipv6_packet = build_icmpv6_raw(target->v6hostip(), proxy->host.v6hostip(), 0x00, 0x0000, o.ttl, 0x00 , 0x00, 0x02, 0x00, data, sizeof(data) , &packetlen);
/* give the decoy host time to reply to the target */
usleep(10000);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, &ss, ipv6_packet, packetlen);
res = send_ip_packet(proxy->rawsd, proxy->ethptr, ss, ipv6_packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send ICMPv6 PTB to the idle host");
free(ipv6_packet);
@@ -1001,15 +999,12 @@ static int idlescan_countopen2(struct idle_proxy_info *proxy,
int dotry3 = 0;
struct eth_nfo eth;
u8 *packet = NULL;
struct sockaddr_storage ss;
size_t sslen;
u32 packetlen = 0;
int res;
if (seq == 0)
seq = get_random_u32();
target->TargetSockAddr(&ss, &sslen);
memset(&end, 0, sizeof(end));
memset(&latestchange, 0, sizeof(latestchange));
gettimeofday(&start, NULL);
@@ -1054,7 +1049,7 @@ static int idlescan_countopen2(struct idle_proxy_info *proxy,
(u8 *) TCP_SYN_PROBE_OPTIONS, TCP_SYN_PROBE_OPTIONS_LEN,
o.extra_payload, o.extra_payload_length,
&packetlen);
res = send_ip_packet(proxy->rawsd, eth.ethsd ? &eth : NULL, &ss, packet, packetlen);
res = send_ip_packet(proxy->rawsd, eth.ethsd ? &eth : NULL, target->TargetSockAddr(), packet, packetlen);
if (res == -1)
fatal("Error occurred while trying to send IPv6 packet");
free(packet);
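Review bot: The new `const struct sockaddr_storage *ss;` declarations in ipid_proxy_probe and ipv6_force_fragmentation are left uninitialized, while the same commit initializes the equivalent pointers elsewhere (`const sockaddr_in6 *ss6 = NULL;`, `*target_src = NULL, *target_dst = NULL`). In ipid_proxy_probe the assignment sits right before the IPv6 send and the surrounding control flow is outside the hunk, so `const struct sockaddr_storage *ss = NULL;` would make any path that reaches send_ip_packet without the assignment fail visibly instead of reading through an indeterminate pointer. In ipv6_force_fragmentation `ss` is fetched once and reused for the later sends, and it now aliases storage inside `proxy->host` rather than holding a snapshot. A short comment such as `/* ss points into proxy->host; valid only while the proxy's target address is not reset */` would record that lifetime assumption.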


@@ -1163,8 +1163,6 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
SPM = new ScanProgressMeter(spmobuf);
for(i=0, reqI = deferred_reqs.begin(); reqI != deferred_reqs.end(); reqI++, i++) {
struct sockaddr_storage ss;
size_t sslen;
char hostname[FQDN_LEN + 1] = "";
if (keyWasPressed())
@@ -1172,10 +1170,8 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
tpreq = *reqI;
if (tpreq->targ->TargetSockAddr(&ss, &sslen) != 0)
fatal("Failed to get target socket address.");
if (getnameinfo((struct sockaddr *)&ss, sslen, hostname,
if (getnameinfo((const struct sockaddr *)tpreq->targ->TargetSockAddr(),
sizeof(struct sockaddr_storage), hostname,
sizeof(hostname), NULL, 0, NI_NAMEREQD) == 0) {
stat_ok++;
stat_cname++;
@@ -1197,8 +1193,6 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
static void nmap_system_rdns_core(Target **targets, int num_targets) {
Target **hostI;
Target *currenths;
struct sockaddr_storage ss;
size_t sslen;
char hostname[FQDN_LEN + 1] = "";
char spmobuf[1024];
int i;
@@ -1219,9 +1213,8 @@ static void nmap_system_rdns_core(Target **targets, int num_targets) {
SPM->printStats((double) i / stat_actual, NULL);
if (((currenths->flags & HOST_UP) || o.always_resolve) && !o.noresolve) {
if (currenths->TargetSockAddr(&ss, &sslen) != 0)
fatal("Failed to get target socket address.");
if (getnameinfo((struct sockaddr *)&ss, sslen, hostname,
if (getnameinfo((struct sockaddr *)currenths->TargetSockAddr(),
sizeof(sockaddr_storage), hostname,
sizeof(hostname), NULL, 0, NI_NAMEREQD) == 0) {
stat_ok++;
currenths->setHostName(hostname);
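Review bot: Both getnameinfo() calls now pass `sizeof(struct sockaddr_storage)` as the address length, where the old code passed the `sslen` reported for the actual address. Some getnameinfo implementations validate the length against the address family (BSD-derived libcs, as far as I know) and may reject the full storage size, so reverse lookups could quietly stop resolving there; deriving the length from the family keeps the old behaviour, e.g. `const struct sockaddr_storage *ss = currenths->TargetSockAddr();` followed by `socklen_t salen = ss->ss_family == AF_INET6 ? sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in);`. The change also drops the `fatal("Failed to get target socket address.")` check, so if the pointer accessor can be called on a target whose address was never set (not visible here), that case is no longer caught before the lookup. Minor: the nmap_system_rdns_core call casts to `(struct sockaddr *)`, discarding const, while the nmap_mass_rdns_core call uses `(const struct sockaddr *)`.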


@@ -2303,13 +2303,9 @@ static void printtraceroute_normal(const Target *currenths) {
if (!o.debugging) {
/* Consolidate shared hops. */
const TracerouteHop *shared_hop = NULL;
struct sockaddr_storage addr;
size_t sslen;
sslen = sizeof(addr);
currenths->TargetSockAddr(&addr, &sslen);
const struct sockaddr_storage *addr = currenths->TargetSockAddr();
while (it != currenths->traceroute_hops.end()
&& !sockaddr_storage_equal(&it->tag, &addr)) {
&& !sockaddr_storage_equal(&it->tag, addr)) {
shared_hop = &*it;
it++;
}


@@ -308,24 +308,20 @@ static bool icmp_probe_match(const UltraScanInfo *USI, const UltraProbe *probe,
}
static bool tcp_probe_match(const UltraScanInfo *USI, const UltraProbe *probe,
const HostScanStats *hss, const struct tcp_hdr *tcp,
const struct sockaddr_storage *ss, const struct tcp_hdr *tcp,
const struct sockaddr_storage *src, const struct sockaddr_storage *dst,
u32 ipid) {
const struct probespec_tcpdata *probedata;
struct sockaddr_storage srcaddr;
size_t srcaddr_len;
tryno_t tryno = {0};
bool goodseq;
if (probe->protocol() != IPPROTO_TCP)
return false;
srcaddr_len = sizeof(srcaddr);
hss->target->SourceSockAddr(&srcaddr, &srcaddr_len);
/* Ensure the connection info matches. */
if (probe->dport() != ntohs(tcp->th_sport)
|| probe->sport() != ntohs(tcp->th_dport)
|| sockaddr_storage_cmp(&srcaddr, dst) != 0)
|| sockaddr_storage_cmp(ss, dst) != 0)
return false;
// If magic port is *not* set, then tryno is in the source port, and we
@@ -401,8 +397,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
unsigned int listsz;
reason_t current_reason = ER_NORESPONSE;
struct sockaddr_storage target_src, target_dst;
size_t ss_len;
const struct sockaddr_storage *target_src = NULL, *target_dst = NULL;
const void *data = NULL;
unsigned int datalen;
@@ -463,8 +458,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
target_src = hss->target->SourceSockAddr();
/* A check for weird_responses is needed here. This is not currently
possible because we don't have a good way to look up the original
@@ -485,7 +479,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI--;
probe = *probeI;
if (!icmp_probe_match(USI, probe, ping, &target_src, &hdr.src, &hdr.dst, hdr.proto, hdr.ipid))
if (!icmp_probe_match(USI, probe, ping, target_src, &hdr.src, &hdr.dst, hdr.proto, hdr.ipid))
continue;
goodone = true;
@@ -543,10 +537,8 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
ss_len = sizeof(target_dst);
hss->target->TargetSockAddr(&target_dst, &ss_len);
target_src = hss->target->SourceSockAddr();
target_dst = hss->target->TargetSockAddr();
/* Find the probe that provoked this response. */
for (probenum = 0; probenum < listsz; probenum++) {
@@ -554,9 +546,9 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probe = *probeI;
if (probe->protocol() != encaps_hdr.proto ||
sockaddr_storage_cmp(&target_src, &hdr.dst) != 0 ||
sockaddr_storage_cmp(&target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(&target_dst, &encaps_hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &hdr.dst) != 0 ||
sockaddr_storage_cmp(target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(target_dst, &encaps_hdr.dst) != 0)
continue;
if ((encaps_hdr.proto == IPPROTO_ICMP || encaps_hdr.proto == IPPROTO_ICMPV6)
@@ -601,7 +593,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
// If it's Port or Proto unreachable and the address matches, it's up.
if (((hdr.proto == IPPROTO_ICMP && (ping->code == 2 || ping->code == 3))
|| (hdr.proto == IPPROTO_ICMPV6 && ping->code == 4))
&& sockaddr_storage_cmp(&target_dst, &hdr.src) == 0) {
&& sockaddr_storage_cmp(target_dst, &hdr.src) == 0) {
/* The ICMP or ICMPv6 error came directly from the target, so it's up. */
goodone = true;
newstate = HOST_UP;
@@ -671,6 +663,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
setTargetMACIfAvailable(hss->target, &linkhdr, &hdr.src, 0);
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
target_src = hss->target->SourceSockAddr();
goodone = false;
@@ -679,7 +672,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI--;
probe = *probeI;
if (!tcp_probe_match(USI, probe, hss, tcp, &hdr.src, &hdr.dst, hdr.ipid))
if (!tcp_probe_match(USI, probe, target_src, tcp, &hdr.src, &hdr.dst, hdr.ipid))
continue;
goodone = true;
@@ -710,8 +703,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
listsz = hss->num_probes_outstanding();
goodone = false;
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
target_src = hss->target->SourceSockAddr();
for (probenum = 0; probenum < listsz && !goodone; probenum++) {
probeI--;
@@ -723,7 +715,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
/* Ensure the connection info matches. */
if (probe->dport() != ntohs(udp->uh_sport) ||
probe->sport() != ntohs(udp->uh_dport) ||
sockaddr_storage_cmp(&target_src, &hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &hdr.dst) != 0)
continue;
/* Sometimes we get false results when scanning localhost with
@@ -753,8 +745,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
listsz = hss->num_probes_outstanding();
goodone = false;
ss_len = sizeof(target_dst);
hss->target->SourceSockAddr(&target_src, &ss_len);
target_src = hss->target->SourceSockAddr();
for (probenum = 0; probenum < listsz && !goodone; probenum++) {
probeI--;
@@ -766,7 +757,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
/* Ensure the connection info matches. */
if (probe->dport() != ntohs(sctp->sh_sport) ||
probe->sport() != ntohs(sctp->sh_dport) ||
sockaddr_storage_cmp(&target_src, &hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &hdr.dst) != 0)
continue;
/* Sometimes we get false results when scanning localhost with
@@ -822,11 +813,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
} while (!goodone && !timedout);
if (goodone && newstate != HOST_UNKNOWN) {
struct sockaddr_storage target_dst;
size_t ss_len;
ss_len = sizeof(target_dst);
hss->target->TargetSockAddr(&target_dst, &ss_len);
target_dst = hss->target->TargetSockAddr();
if (probe->isPing())
ultrascan_ping_update(USI, hss, probeI, &USI->now, adjust_timing);
@@ -839,7 +826,7 @@ int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
setTargetMACIfAvailable(hss->target, &linkhdr, &hdr.src, 0);
hss->target->reason.reason_id = current_reason;
hss->target->reason.ttl = hdr.ttl;
if (sockaddr_storage_cmp(&hdr.src, &target_dst) != 0) {
if (sockaddr_storage_cmp(&hdr.src, target_dst) != 0) {
hss->target->reason.set_ip_addr(&hdr.src);
}
}
@@ -901,29 +888,17 @@ void begin_sniffer(UltraScanInfo *USI, std::vector<Target *> &Targets) {
IPPROTO_ICMPV6, ICMPV6_NEIGHBOR_ADVERTISEMENT);
pcap_filter.append(filterstr);
} else if (USI->prot_scan || (USI->ping_scan && USI->ptech.rawprotoscan)) {
struct sockaddr_storage source;
size_t source_len;
source_len = sizeof(source);
Targets[0]->SourceSockAddr(&source, &source_len);
pcap_filter = "dst host ";
pcap_filter += inet_ntop_ez(&source, sizeof(source));
pcap_filter += inet_ntop_ez(Targets[0]->SourceSockAddr(), sizeof(struct sockaddr_storage));
if (doIndividual) {
pcap_filter += " and (icmp or icmp6 or (";
pcap_filter += dst_hosts;
pcap_filter += "))";
}
} else if (USI->tcp_scan || USI->udp_scan || USI->sctp_scan || USI->ping_scan) {
struct sockaddr_storage source;
size_t source_len;
bool first = false;
source_len = sizeof(source);
Targets[0]->SourceSockAddr(&source, &source_len);
pcap_filter = "dst host ";
pcap_filter += inet_ntop_ez(&source, sizeof(source));
pcap_filter += inet_ntop_ez(Targets[0]->SourceSockAddr(), sizeof(struct sockaddr_storage));
pcap_filter += " and (icmp or icmp6";
if (doIndividual) {
pcap_filter += " or (";
@@ -1048,12 +1023,10 @@ UltraProbe *sendNDScanProbe(UltraScanInfo *USI, HostScanStats *hss,
multicast_prefix[12] = 0xff;
memcpy(&ns_dst_ip6, multicast_prefix, sizeof(multicast_prefix));
struct sockaddr_storage source;
struct sockaddr_in6 *sin6;
size_t source_len;
const struct sockaddr_storage *source;
const struct sockaddr_in6 *sin6;
source_len = sizeof(source);
hss->target->SourceSockAddr(&source, &source_len);
source = hss->target->SourceSockAddr();
sin6 = (struct sockaddr_in6 *) &source;
struct icmpv6_msg_nd ns_msg;
@@ -1688,8 +1661,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
timedout = true;
}
struct sockaddr_storage target_src, target_dst;
size_t ss_len;
const struct sockaddr_storage *target_src = NULL, *target_dst = NULL;
datalen = bytes;
data = ip_get_data(ip_tmp, &datalen, &hdr);
@@ -1737,6 +1709,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
setTargetMACIfAvailable(hss->target, &linkhdr, &hdr.src, 0);
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
target_src = hss->target->SourceSockAddr();
goodone = false;
@@ -1745,7 +1718,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI--;
probe = *probeI;
if (!tcp_probe_match(USI, probe, hss, tcp, &hdr.src, &hdr.dst, hdr.ipid))
if (!tcp_probe_match(USI, probe, target_src, tcp, &hdr.src, &hdr.dst, hdr.ipid))
continue;
if (!probe->isPing()) {
@@ -1788,8 +1761,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
goodone = false;
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
target_src = hss->target->SourceSockAddr();
/* Find the probe that provoked this response. */
for (probenum = 0; probenum < listsz && !goodone; probenum++) {
@@ -1801,7 +1773,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
/* Ensure the connection info matches. */
if (probe->dport() != ntohs(sctp->sh_sport)
|| probe->sport() != ntohs(sctp->sh_dport)
|| sockaddr_storage_cmp(&target_src, &hdr.dst) != 0)
|| sockaddr_storage_cmp(target_src, &hdr.dst) != 0)
continue;
/* Sometimes we get false results when scanning localhost with
@@ -1886,10 +1858,8 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
ss_len = sizeof(target_dst);
hss->target->TargetSockAddr(&target_dst, &ss_len);
target_src = hss->target->SourceSockAddr();
target_dst = hss->target->TargetSockAddr();
goodone = false;
/* Find the matching probe */
@@ -1897,8 +1867,8 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI--;
probe = *probeI;
if (probe->protocol() != encaps_hdr.proto ||
sockaddr_storage_cmp(&target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(&target_dst, &encaps_hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(target_dst, &encaps_hdr.dst) != 0)
continue;
if (encaps_hdr.proto == IPPROTO_TCP && !USI->prot_scan) {
@@ -1933,17 +1903,17 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
break;
case 2: /* protocol unreachable */
if (USI->scantype == IPPROT_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0) {
sockaddr_storage_cmp(target_dst, &hdr.src) == 0) {
newstate = PORT_CLOSED;
} else
newstate = PORT_FILTERED;
break;
case 3: /* Port unreach */
if (USI->scantype == UDP_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0)
sockaddr_storage_cmp(target_dst, &hdr.src) == 0)
newstate = PORT_CLOSED;
else if (USI->scantype == IPPROT_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0)
sockaddr_storage_cmp(target_dst, &hdr.src) == 0)
newstate = PORT_OPEN;
else
newstate = PORT_FILTERED;
@@ -2015,10 +1985,8 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
ss_len = sizeof(target_dst);
hss->target->TargetSockAddr(&target_dst, &ss_len);
target_src = hss->target->SourceSockAddr();
target_dst = hss->target->TargetSockAddr();
goodone = false;
/* Find the matching probe */
@@ -2026,8 +1994,8 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
probeI--;
probe = *probeI;
if (probe->protocol() != encaps_hdr.proto ||
sockaddr_storage_cmp(&target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(&target_dst, &encaps_hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &encaps_hdr.src) != 0 ||
sockaddr_storage_cmp(target_dst, &encaps_hdr.dst) != 0)
continue;
if (encaps_hdr.proto == IPPROTO_TCP && !USI->prot_scan) {
@@ -2081,10 +2049,10 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
case ICMPV6_UNREACH_PORT:
current_reason = ER_PORTUNREACH;
if (USI->scantype == UDP_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0)
sockaddr_storage_cmp(target_dst, &hdr.src) == 0)
newstate = PORT_CLOSED;
else if (USI->scantype == IPPROT_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0)
sockaddr_storage_cmp(target_dst, &hdr.src) == 0)
newstate = PORT_OPEN;
else
newstate = PORT_FILTERED;
@@ -2104,7 +2072,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
break;
case ICMPV6_PARAMPROBLEM_NEXTHEADER:
if (USI->scantype == IPPROT_SCAN &&
sockaddr_storage_cmp(&target_dst, &hdr.src) == 0) {
sockaddr_storage_cmp(target_dst, &hdr.src) == 0) {
newstate = PORT_CLOSED;
} else {
newstate = PORT_FILTERED;
@@ -2136,8 +2104,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
continue; // Not from a host that interests us
probeI = hss->probes_outstanding.end();
listsz = hss->num_probes_outstanding();
ss_len = sizeof(target_src);
hss->target->SourceSockAddr(&target_src, &ss_len);
target_src = hss->target->SourceSockAddr();
goodone = false;
@@ -2152,7 +2119,7 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
/* Ensure the connection info matches. */
if (probe->dport() != ntohs(udp->uh_sport) ||
probe->sport() != ntohs(udp->uh_dport) ||
sockaddr_storage_cmp(&target_src, &hdr.dst) != 0)
sockaddr_storage_cmp(target_src, &hdr.dst) != 0)
continue;
/* Sometimes we get false results when scanning localhost with
@@ -2179,13 +2146,9 @@ bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
} while (!goodone && !timedout);
if (goodone) {
struct sockaddr_storage target_dst;
size_t ss_len;
const struct sockaddr_storage *target_dst = hss->target->TargetSockAddr();
ss_len = sizeof(target_dst);
hss->target->TargetSockAddr(&target_dst, &ss_len);
if (sockaddr_storage_cmp(&hdr.src, &target_dst) == 0)
if (sockaddr_storage_cmp(&hdr.src, target_dst) == 0)
reason_sip.ss_family = AF_UNSPEC;
else
reason_sip = hdr.src;
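Review bot: In the sendNDScanProbe hunk (`@@ -1048,12 +1023,10`), `sin6 = (struct sockaddr_in6 *) &source;` appears to be carried over unchanged, but `source` is now a `const struct sockaddr_storage *`, so `&source` is the address of the local pointer variable rather than of the address data. Any later read of `sin6->sin6_addr` (outside the hunk) would then take bytes from the stack slot holding the pointer and whatever follows it, giving a wrong source address in the neighbor solicitation and an out-of-bounds stack read. The line should become `sin6 = (const struct sockaddr_in6 *) source;`. Because a C-style cast accepts any pointer type, the compiler cannot flag the mismatch. This rendered page has lost its +/- markers, so confirm against the raw diff that the line was not also updated.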


@@ -1608,9 +1608,6 @@ void pcap_print_stats(int logt, pcap_t *pd) {
This function returns 0 if it ends up setting the MAC, nonzero otherwise. */
int setTargetMACIfAvailable(Target *target, struct link_header *linkhdr,
const struct sockaddr_storage *src, int overwrite) {
struct sockaddr_storage addr;
size_t addr_len;
if (!linkhdr || !target || !src)
return 1;
@@ -1620,9 +1617,7 @@ int setTargetMACIfAvailable(Target *target, struct link_header *linkhdr,
if (!overwrite && target->MACAddress())
return 3;
addr_len = sizeof(addr);
target->TargetSockAddr(&addr, &addr_len);
if (sockaddr_storage_cmp(src, &addr) != 0)
if (sockaddr_storage_cmp(src, target->TargetSockAddr()) != 0)
return 4;
/* Sometimes bogus MAC address still gets through, like during some localhost scans */


@@ -606,20 +606,18 @@ void Probe::send(int rawsd, eth_t *ethsd, struct timeval *now) {
}
for (decoy = 0; decoy < o.numdecoys; decoy++) {
struct sockaddr_storage source;
size_t source_len;
const struct sockaddr_storage *source;
unsigned char *packet;
u32 packetlen;
if (decoy == o.decoyturn) {
source_len = sizeof(source);
host->target->SourceSockAddr(&source, &source_len);
source = host->target->SourceSockAddr();
sent_time = get_now(now);
} else {
source = o.decoys[decoy];
source = &(o.decoys[decoy]);
}
packet = this->build_packet(&source, &packetlen);
packet = this->build_packet(source, &packetlen);
send_ip_packet(rawsd, ethp, host->target->TargetSockAddr(), packet, packetlen);
free(packet);
}
@@ -832,8 +830,6 @@ Probe *Probe::make(HostState *host, struct probespec pspec, u8 ttl)
TracerouteState::TracerouteState(std::vector<Target *> &targets) {
std::vector<Target *>::const_iterator it;
struct sockaddr_storage srcaddr;
size_t sslen;
char pcap_filter[128];
int n;
@@ -859,10 +855,8 @@ TracerouteState::TracerouteState(std::vector<Target *> &targets) {
/* Assume that all the targets share the same device. */
if((pd=my_pcap_open_live(targets[0]->deviceName(), 128, o.spoofsource, 2))==NULL)
fatal("%s", PCAP_OPEN_ERRMSG);
sslen = sizeof(srcaddr);
targets[0]->SourceSockAddr(&srcaddr, &sslen);
n = Snprintf(pcap_filter, sizeof(pcap_filter), "(ip or ip6) and dst host %s",
ss_to_string(&srcaddr));
ss_to_string(targets[0]->SourceSockAddr()));
assert(n < (int) sizeof(pcap_filter));
set_pcap_filter(targets[0]->deviceFullName(), pd, pcap_filter);
if (o.debugging)
@@ -1056,17 +1050,13 @@ void TracerouteState::set_host_hop(HostState *host, u8 ttl,
/* Hit the cache going down. Seek to the end of the chain. If we have the
tag for the last node, we take responsibility for finishing the trace.
Otherwise, start counting up. */
struct sockaddr_storage addr;
size_t sslen;
while (hop->parent != NULL) {
hop = hop->parent;
/* No need to re-probe any merged hops. */
host->sent_ttls[hop->ttl] = true;
}
sslen = sizeof(addr);
host->target->TargetSockAddr(&addr, &sslen);
if (sockaddr_storage_equal(&hop->tag, &addr)) {
if (sockaddr_storage_equal(&hop->tag, host->target->TargetSockAddr())) {
if (o.debugging > 1) {
log_write(LOG_STDOUT, "%s continuing trace from TTL %d\n",
host->target->targetipstr(), host->current_ttl);
@@ -1247,9 +1237,7 @@ static bool read_reply(Reply *reply, pcap_t *pd, long timeout) {
}
void TracerouteState::read_replies(long timeout) {
struct sockaddr_storage ss;
struct timeval now;
size_t sslen;
Reply reply;
assert(timeout / 1000 <= (long) o.scan_delay);
@@ -1272,9 +1260,7 @@ void TracerouteState::read_replies(long timeout) {
continue;
host = probe->host;
sslen = sizeof(ss);
host->target->TargetSockAddr(&ss, &sslen);
if (sockaddr_storage_equal(&ss, &reply.from_addr)) {
if (sockaddr_storage_equal(host->target->TargetSockAddr(), &reply.from_addr)) {
adjust_timeouts2(&probe->sent_time, &reply.rcvdtime, &host->target->to);
if (host->reached_target == 0 || probe->ttl < host->reached_target)
host->reached_target = probe->ttl;
@@ -1442,12 +1428,8 @@ Probe *TracerouteState::lookup_probe(
std::list<Probe *>::iterator probe_iter;
for (host_iter = active_hosts.begin(); host_iter != active_hosts.end(); host_iter++) {
struct sockaddr_storage ss;
size_t sslen;
sslen = sizeof(ss);
(*host_iter)->target->TargetSockAddr(&ss, &sslen);
if (!sockaddr_storage_equal(&ss, target_addr))
if (!sockaddr_storage_equal((*host_iter)->target->TargetSockAddr(), target_addr))
continue;
for (probe_iter = (*host_iter)->unanswered_probes.begin();
probe_iter != (*host_iter)->unanswered_probes.end();