Some string optimizations in NSE

Changes fall into these categories: 1. Avoid pathological string building. Loops over x = x .. "foo" can become very slow. Instead, use strbuf.lua, table.concat, or just one continuous concatenation; a = x .. y .. z is one operation, better than a = x .. y; a = a .. z 2. Use hex-escaped strings instead of string.char. I find this more readable in many cases, and it avoids a table lookup and function call. 3. Don't duplicate code. A few libraries and scripts had re-implemented stdnse.generate_random_string or openssl.rand_bytes.
2026-01-06 06:29:03 +00:00 · 2014-09-03 04:49:54 +00:00
parent 25725d369e
commit 40f36a4e3e
26 changed files with 202 additions and 243 deletions
--- a/scripts/stuxnet-detect.nse
+++ b/scripts/stuxnet-detect.nse
@@ -35,7 +35,7 @@ categories = {"discovery", "intrusive"}


 local STUXNET_PATHS = {"\\\\browser", "\\\\ntsvcs", "\\\\pipe\\browser", "\\\\pipe\\ntsvcs"}
-local STUXNET_UUID = string.char(0xe1, 0x04, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46)
+local STUXNET_UUID = "\xe1\x04\x02\x00\x00\x00\x00\x00\xc0\x00\x00\x00\x00\x00\x00\x46"
 local STUXNET_VERSION = 0x01

 local RPC_GET_VERSION = 0x00