PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-24 00:19:01 +00:00
Code Issues Projects Releases Wiki Activity

Use u32 instead of int for all ipids

Browse Source 
IP ID is an unsigned value. Explicit wrapping checks were needed to
support using a signed int, and a few users were reporting compile
errors because of a large constant:
http://seclists.org/nmap-dev/2013/q4/247
This commit is contained in:
dmiller
2013-12-04 12:51:59 +00:00
parent 89db1ca27c
commit 45179297f5
4 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
global_structures.h
View File

@@ -316,9 +316,9 @@ struct seq_info {
/* Different kinds of Ipids. */ /* Different kinds of Ipids. */
struct ipid_info { struct ipid_info {
int tcp_ipids[NUM_SEQ_SAMPLES]; u32 tcp_ipids[NUM_SEQ_SAMPLES];
int tcp_closed_ipids[NUM_SEQ_SAMPLES]; u32 tcp_closed_ipids[NUM_SEQ_SAMPLES];
int icmp_ipids[NUM_SEQ_SAMPLES]; u32 icmp_ipids[NUM_SEQ_SAMPLES];
}; };
/* The various kinds of port/protocol scans we can have /* The various kinds of port/protocol scans we can have

2
idle_scan.cc
View File

@@ -552,7 +552,7 @@ static void initialize_idleproxy(struct idle_proxy_info *proxy, char *proxyName,
struct ip *ip; struct ip *ip;
struct tcp_hdr *tcp; struct tcp_hdr *tcp;
int distance; int distance;
int ipids[NUM_IPID_PROBES]; u32 ipids[NUM_IPID_PROBES];
u8 probe_returned[NUM_IPID_PROBES]; u8 probe_returned[NUM_IPID_PROBES];
struct route_nfo rnfo; struct route_nfo rnfo;
assert(proxyName); assert(proxyName);

22
osscan2.cc
View File

@@ -193,7 +193,7 @@ struct scan_performance_vars perf;
test result should be omitted, the function returns NULL and doesn't modify test result should be omitted, the function returns NULL and doesn't modify
*av. Otherwise, it returns av after filling in the information. */ *av. Otherwise, it returns av after filling in the information. */
static struct AVal *make_aval_ipid_seq(struct AVal *av, const char *attribute, static struct AVal *make_aval_ipid_seq(struct AVal *av, const char *attribute,
int ipid_seqclass, int ipids[NUM_SEQ_SAMPLES]) { int ipid_seqclass, u32 ipids[NUM_SEQ_SAMPLES]) {
switch (ipid_seqclass) { switch (ipid_seqclass) {
case IPID_SEQ_CONSTANT: case IPID_SEQ_CONSTANT:
av->value = string_pool_sprintf("%X", ipids[0]); av->value = string_pool_sprintf("%X", ipids[0]);
@@ -332,7 +332,7 @@ int identify_sequence(int numSamples, u32 *ipid_diffs, int islocalhost, int alli
/* Calculate the distances between the ipids and write them /* Calculate the distances between the ipids and write them
into the ipid_diffs array */ into the ipid_diffs array */
int get_diffs(u32 *ipid_diffs, int numSamples, int *ipids, int islocalhost) { int get_diffs(u32 *ipid_diffs, int numSamples, u32 *ipids, int islocalhost) {
int i; int i;
int allipideqz = 1; int allipideqz = 1;
@@ -343,11 +343,7 @@ int get_diffs(u32 *ipid_diffs, int numSamples, int *ipids, int islocalhost) {
if (ipids[i - 1] != 0 || ipids[i] != 0) if (ipids[i - 1] != 0 || ipids[i] != 0)
allipideqz = 0; /* All IP.ID values do *NOT* equal zero */ allipideqz = 0; /* All IP.ID values do *NOT* equal zero */
if (ipids[i - 1] <= ipids[i]) { ipid_diffs[i - 1] = ipids[i] - ipids[i - 1];
ipid_diffs[i - 1] = ipids[i] - ipids[i - 1];
} else {
ipid_diffs[i - 1] = (u32) (ipids[i] - ipids[i - 1] + 4294967296);
}
/* Random */ /* Random */
if (numSamples > 2 && ipid_diffs[i - 1] > 20000) if (numSamples > 2 && ipid_diffs[i - 1] > 20000)
@@ -359,7 +355,7 @@ int get_diffs(u32 *ipid_diffs, int numSamples, int *ipids, int islocalhost) {
} }
/* Indentify the ipid sequence for 32-bit IPID values (IPv6) */ /* Indentify the ipid sequence for 32-bit IPID values (IPv6) */
int get_ipid_sequence_32(int numSamples, int *ipids, int islocalhost) { int get_ipid_sequence_32(int numSamples, u32 *ipids, int islocalhost) {
int allipideqz=1; int allipideqz=1;
u32 ipid_diffs[32]; u32 ipid_diffs[32];
assert(numSamples < (int) (sizeof(ipid_diffs) / 2)); assert(numSamples < (int) (sizeof(ipid_diffs) / 2));
@@ -368,7 +364,7 @@ int get_ipid_sequence_32(int numSamples, int *ipids, int islocalhost) {
} }
/* Indentify the ipid sequence for 16-bit IPID values (IPv4) */ /* Indentify the ipid sequence for 16-bit IPID values (IPv4) */
int get_ipid_sequence_16(int numSamples, int *ipids, int islocalhost) { int get_ipid_sequence_16(int numSamples, u32 *ipids, int islocalhost) {
int i; int i;
int allipideqz=1; int allipideqz=1;
u32 ipid_diffs[32]; u32 ipid_diffs[32];
@@ -2390,21 +2386,21 @@ void HostOsScan::makeTSeqFP(HostOsScanStats *hss) {
good_icmp_ipid_num = 0; good_icmp_ipid_num = 0;
for (i = 0; i < NUM_SEQ_SAMPLES; i++) { for (i = 0; i < NUM_SEQ_SAMPLES; i++) {
if (hss->ipid.tcp_ipids[i] != -1) { if (hss->ipid.tcp_ipids[i] != 0xffffffff) {
if (good_tcp_ipid_num < i) { if (good_tcp_ipid_num < i) {
hss->ipid.tcp_ipids[good_tcp_ipid_num] = hss->ipid.tcp_ipids[i]; hss->ipid.tcp_ipids[good_tcp_ipid_num] = hss->ipid.tcp_ipids[i];
} }
good_tcp_ipid_num++; good_tcp_ipid_num++;
} }
if (hss->ipid.tcp_closed_ipids[i] != -1) { if (hss->ipid.tcp_closed_ipids[i] != 0xffffffff) {
if (good_tcp_closed_ipid_num < i) { if (good_tcp_closed_ipid_num < i) {
hss->ipid.tcp_closed_ipids[good_tcp_closed_ipid_num] = hss->ipid.tcp_closed_ipids[i]; hss->ipid.tcp_closed_ipids[good_tcp_closed_ipid_num] = hss->ipid.tcp_closed_ipids[i];
} }
good_tcp_closed_ipid_num++; good_tcp_closed_ipid_num++;
} }
if (hss->ipid.icmp_ipids[i] != -1) { if (hss->ipid.icmp_ipids[i] != 0xffffffff) {
if (good_icmp_ipid_num < i) { if (good_icmp_ipid_num < i) {
hss->ipid.icmp_ipids[good_icmp_ipid_num] = hss->ipid.icmp_ipids[i]; hss->ipid.icmp_ipids[good_icmp_ipid_num] = hss->ipid.icmp_ipids[i];
} }
@@ -2450,7 +2446,7 @@ void HostOsScan::makeTSeqFP(HostOsScanStats *hss) {
/* Both are incremental. Thus we have "SS" test. Check if they /* Both are incremental. Thus we have "SS" test. Check if they
are in the same sequence. */ are in the same sequence. */
AV.attribute = "SS"; AV.attribute = "SS";
int avg = (hss->ipid.tcp_ipids[good_tcp_ipid_num - 1] - hss->ipid.tcp_ipids[0]) / (good_tcp_ipid_num - 1); u32 avg = (hss->ipid.tcp_ipids[good_tcp_ipid_num - 1] - hss->ipid.tcp_ipids[0]) / (good_tcp_ipid_num - 1);
if ( hss->ipid.icmp_ipids[0] < hss->ipid.tcp_ipids[good_tcp_ipid_num - 1] + 3 * avg) { if ( hss->ipid.icmp_ipids[0] < hss->ipid.tcp_ipids[good_tcp_ipid_num - 1] + 3 * avg) {
AV.value = "S"; AV.value = "S";
} else { } else {

6
osscan2.h
View File

@@ -189,9 +189,9 @@ void os_scan2(std::vector<Target *> &Targets);
int get_initial_ttl_guess(u8 ttl); int get_initial_ttl_guess(u8 ttl);
int identify_sequence(int numSamples, u32 *ipid_diffs, int islocalhost, int allipideqz); int identify_sequence(int numSamples, u32 *ipid_diffs, int islocalhost, int allipideqz);
int get_diffs(u32 *ipid_diffs, int numSamples, int *ipids, int islocalhost); int get_diffs(u32 *ipid_diffs, int numSamples, u32 *ipids, int islocalhost);
int get_ipid_sequence_16(int numSamples, int *ipids, int islocalhost); int get_ipid_sequence_16(int numSamples, u32 *ipids, int islocalhost);
int get_ipid_sequence_32(int numSamples, int *ipids, int islocalhost); int get_ipid_sequence_32(int numSamples, u32 *ipids, int islocalhost);
/****************************************************************************** /******************************************************************************
* CLASS DEFINITIONS * * CLASS DEFINITIONS *