Some string optimizations in NSE

Changes fall into these categories:

1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z

2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.

3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.

nselib/cassandra.lua

@@ -25,33 +25,28 @@ _ENV = stdnse.module("cassandra", stdnse.seeall)
 ]]--
 
 -- Protocol magic strings
-CASSANDRAREQ = string.char(0x80,0x01,0x00,0x01)
-CASSANDRARESP = string.char(0x80,0x01,0x00,0x02)
-CASSLOGINMAGIC = string.char(0x00, 0x00,0x00,0x01,0x0c,0x00,0x01,0x0d,0x00,0x01,0x0b,0x0b,0x00,0x00,0x00,0x02)
-LOGINSUCC = string.char(0x00,0x00,0x00,0x01,0x00)
-LOGINFAIL = string.char(0x00,0x00,0x00,0x01,0x0b)
-LOGINACC = string.char(0x00,0x00,0x00,0x01,0x0c)
-
---Returns string in format length+string itself
---@param str to format
---@return str : string in format length+string itself
-function pack4str (str)
-        return (bin.pack(">I",string.len(str)) .. str)
-end
+CASSANDRAREQ = "\x80\x01\x00\x01"
+CASSANDRARESP = "\x80\x01\x00\x02"
+CASSLOGINMAGIC = "\x00\x00\x00\x01\x0c\x00\x01\x0d\x00\x01\x0b\x0b\x00\x00\x00\x02"
+LOGINSUCC = "\x00\x00\x00\x01\x00"
+LOGINFAIL = "\x00\x00\x00\x01\x0b"
+LOGINACC = "\x00\x00\x00\x01\x0c"
 
 --Returns string in cassandra format for login
 --@param username to put in format
 --@param password to put in format
 --@return str : string in cassandra format for login
 function loginstr (username, password)
-        local str = CASSANDRAREQ .. pack4str ("login")
-        str = str .. CASSLOGINMAGIC
-        str = str .. pack4str("username")
-        str = str .. pack4str(username)
-        str = str .. pack4str("password")
-        str = str .. pack4str(password)
-        str = str .. string.char (0x00, 0x00) -- add two null on the end
-        return str
+  return bin.pack("A>aAaaaaA",
+    CASSANDRAREQ,
+    "login",
+    CASSLOGINMAGIC,
+    "username",
+    username,
+    "password",
+    password,
+    "\x00\x00" -- add two null on the end
+    )
 end
 
 --Invokes command over socket and returns the response
@@ -61,10 +56,12 @@ end
 --@return status : true if ok; false if bad
 --@return result : value if status ok, error msg if bad
 function cmdstr (command,cnt)
-        local str = CASSANDRAREQ .. pack4str (command)
-        str = str .. bin.pack(">I",cnt)
-        str = str .. string.char (0x00) -- add null on the end
-        return str
+  return bin.pack("A>aIA",
+    CASSANDRAREQ,
+    command,
+    cnt,
+    "\x00" -- add null on the end
+    )
 end
 
 --Invokes command over socket and returns the response
@@ -103,7 +100,7 @@ function sendcmd (socket, command, cnt)
   end
 
   -- magic response starts at 5th byte for 4 bytes, 4 byte for length + length of string command
-  if (string.sub(response,5,8+4+string.len(command)) ~= CASSANDRARESP..pack4str(command)) then
+  if (string.sub(response,5,8+4+string.len(command)) ~= bin.pack("A>a", CASSANDRARESP, command)) then
     return false, "protocol response error"
   end
 
@@ -190,7 +187,7 @@ function login (socket,username,password)
   local _, size = bin.unpack(">I", response, 1)
 
   local loginresp = string.sub(response,5,17)
-  if (loginresp ~= CASSANDRARESP..pack4str("login")) then
+  if (loginresp ~= bin.pack("A>a", CASSANDRARESP, "login")) then
     return false, "protocol error"
   end