From 43523f441bc0fe8d588efa90fc182ba08c31476d Mon Sep 17 00:00:00 2001 From: kris Date: Tue, 8 Apr 2008 14:58:17 +0000 Subject: [PATCH] Correcting the uptime parsing and reporting in SNMPsysdesr.nse when the uptime is less than about 46 hours. The amount of bytes holding the uptime is variable up to 4, but the script was assuming it always held 4 bytes of uptime. When the real uptime was less than 46 hours, this script was reporting an uptime anywhere from 5 days to 130 days (I think it actually reported 0 days once, but the hours were all messed up). --- CHANGELOG | 3 +++ scripts/SNMPsysdesr.nse | 30 +++++++++++++++++++++--------- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 9611f8921..359f17ce5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -17,6 +17,9 @@ o Added NSE Datafiles library which reads and parses Nmap's nmap-* (e.g. port numbers) indexing names (e.g. service names). The rpcinfo.nse script was also updated to use this library. [Kris] +o Corrected uptime parsing and reporting in SNMPsysdesr.nse for an + uptime of less than 46 hours. [Kris] + o Added many additional PCRE option flags to the list returned by the NSE pcre.flags() function. [Kris] diff --git a/scripts/SNMPsysdesr.nse b/scripts/SNMPsysdesr.nse index bf2390038..7921346fd 100644 --- a/scripts/SNMPsysdesr.nse +++ b/scripts/SNMPsysdesr.nse 
@@ -90,18 +90,30 @@ action = function(host, port)
 try(socket:close())
- if string.find(response, "\006\001\002\001\001\003") == nil then
+ local start, stop = response:find("\006\001\002\001\001\003\000")
+
+ if start == nil then
 return result
 end
- local length,uptime,s1,s2,s3,s4
-
- length = string.len(response)
-
- s1,s2,s3,s4 = string.byte(response, length - 3, length)
-
- uptime = s1*(2^24) + s2*(2^16) + s3*(2^8) + s4
-
+ local uplen,uptime,s1,s2,s3,s4
+
+ uplen = response:byte(stop + 2)
+
+ s1,s2,s3,s4 = response:byte(stop + 3, stop + 3 + uplen)
+
+ if uplen == 4 then
+ uptime = s1*(2^24) + s2*(2^16) + s3*(2^8) + s4
+ elseif uplen == 3 then
+ uptime = s1*(2^16) + s2*(2^8) + s3
+ elseif uplen == 2 then
+ uptime = s1*(2^8) + s2
+ elseif uplen == 1 then
+ uptime = s1
+ else
+ return result
+ end
+
 local days, hours, minutes, seconds, htime, mtime, stime
 days = math.floor(uptime / 8640000)
 htime = math.fmod(uptime, 8640000)
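Review bot: The length octet read at `response:byte(stop + 2)` comes from the scanned host and is used before it is checked. If the reply ends right after the OID it is nil and `stop + 3 + uplen` raises a Lua error, and a declared length longer than the bytes actually present leaves `s2`..`s4` nil for the arithmetic in the `if uplen == 4` chain. The range `stop + 3, stop + 3 + uplen` is also inclusive, so it asks for one byte more than the length says. Checking `uplen` and the remaining response length first, then folding the bytes in a loop, fixes both and removes the four-way `elseif`, as sketched below. The value tag at `stop + 1` is not checked either, and `action` starts and ends outside this hunk, so the rest of the function is assumed unchanged.

```lua
-- … unchanged: OID search and early return when it is not found …
local uplen = response:byte(stop + 2)

-- The length octet is host-supplied: accept only 1-4 value bytes that are really present.
if uplen == nil or uplen < 1 or uplen > 4 or response:len() < stop + 2 + uplen then
	return result
end

local uptime = 0
for i = stop + 3, stop + 2 + uplen do
	uptime = uptime * 256 + response:byte(i)
end
-- … unchanged: days/hours/minutes/seconds breakdown …
```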