diff --git a/docs/nmap.usage.txt b/docs/nmap.usage.txt
index cc3e0ca69..548a0c6ae 100644
--- a/docs/nmap.usage.txt
+++ b/docs/nmap.usage.txt
@@ -1,4 +1,4 @@
-Nmap 4.20ALPHA11 ( http://insecure.org )
+Nmap 4.20RC1 ( http://insecure.org )
 Usage: nmap [Scan Type(s)] [Options] {target specification}
 TARGET SPECIFICATION:
 Can pass hostnames, IP addresses, networks, etc.
diff --git a/libpcre/pcre_winconfig.h b/libpcre/pcre_winconfig.h
index ff6fcee29..e3fa1ac2f 100644
--- a/libpcre/pcre_winconfig.h
+++ b/libpcre/pcre_winconfig.h
@@ -33,6 +33,35 @@ default default. */
 #define MATCH_LIMIT 10000000
 #endif
+/* The above limit applies to all calls of match(), whether or not they
+increase the recursion depth. In some environments it is desirable to limit the
+depth of recursive calls of match() more strictly, in order to restrict the
+maximum amount of stack (or heap, if NO_RECURSE is defined) that is used. The
+value of MATCH_LIMIT_RECURSION applies only to recursive calls of match(). To
+have any useful effect, it must be less than the value of MATCH_LIMIT. There is
+a runtime method for setting a different limit. On systems that support it,
+"configure" can be used to override this default default. */
+
+#ifndef MATCH_LIMIT_RECURSION
+#define MATCH_LIMIT_RECURSION MATCH_LIMIT
+#endif
+
+/* These three limits are parameterized just in case anybody ever wants to
+change them. Care must be taken if they are increased, because they guard
+against integer overflow caused by enormously large patterns. */
+
+#ifndef MAX_NAME_SIZE
+#define MAX_NAME_SIZE 32
+#endif
+
+#ifndef MAX_NAME_COUNT
+#define MAX_NAME_COUNT 10000
+#endif
+
+#ifndef MAX_DUPLENGTH
+#define MAX_DUPLENGTH 30000
+#endif
+
 // This is set by configure on other platforms -Fyodor
 #define POSIX_MALLOC_THRESHOLD 10
diff --git a/tcpip.cc b/tcpip.cc
index dbb559e36..d78b1d06a 100644
--- a/tcpip.cc
+++ b/tcpip.cc
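Review bot: In libpcre/pcre_winconfig.h, `#define MATCH_LIMIT_RECURSION MATCH_LIMIT` leaves the recursion cap equal to the 10000000 call limit, while the comment added directly above it says the value must be less than MATCH_LIMIT to have any useful effect. If these patterns are ever matched against data received from remote hosts (not visible in this diff), pathological input could still drive match() deep enough to exhaust the stack, which tends to be small by default on Windows. Consider choosing a lower default for this Windows config, or using the runtime limit the comment mentions at the call sites, and record the chosen bound and its rationale in the comment.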
@@ -1846,7 +1846,7 @@ if (!pd) fatal("NULL packet device passed to readip_pcap");
 pcap_descriptor = -1;
 if (pcap_selectable_fd_valid())
- pcap_descriptor = pcap_get_selectable_fd(pd);
+ pcap_descriptor = my_pcap_get_selectable_fd(pd);
 do {
 #ifdef WIN32
@@ -1956,6 +1956,20 @@ bool pcap_selectable_fd_valid() {
 return true;
 }
+/* Call this instead of pcap_get_selectable_fd directly (or your code
+ won't compile on Windows). On systems which don't seem to support
+ the pcap_get_selectable_fd() function properly, returns -1,
+ otherwise simply calls pcap_selectable_fd and returns the
+ results. If you just want to test whether the function is supported,
+ use pcap_selectable_fd_valid() instead. */
+int my_pcap_get_selectable_fd(pcap_t *p) {
+#if defined(WIN32) || defined(MACOSX)
+ return -1;
+#else
+ assert(pcap_selectable_fd_valid());
+ return pcap_get_selectable_fd(p);
+#endif
+}
 // Returns whether the packet receive time value obtained from libpcap
@@ -2078,7 +2092,7 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
 pcap_descriptor = -1;
 if (pcap_selectable_fd_valid())
- pcap_descriptor = pcap_get_selectable_fd(pd);
+ pcap_descriptor = my_pcap_get_selectable_fd(pd);
 p = NULL;
 if (pcap_descriptor != -1) {
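Review bot: In the added my_pcap_get_selectable_fd() (second tcpip.cc hunk), the `#else` branch enforces support with `assert(pcap_selectable_fd_valid());`, which vanishes when NDEBUG is defined and otherwise aborts the process, whereas the comment above the function promises a -1 return on systems without proper support. Replacing the assert with `if (!pcap_selectable_fd_valid()) return -1;` would make the behaviour match the documented contract in every build. The `WIN32`/`MACOSX` list here also has to stay in step with pcap_selectable_fd_valid(), whose body is mostly outside the hunk, so a short comment saying so would help. The same comment, repeated in tcpip.h, says the function calls `pcap_selectable_fd`; it should read `pcap_get_selectable_fd()`.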
@@ -621,6 +621,13 @@ pcap_t *my_pcap_open_live(const char *device, int snaplen, int promisc,
 // Returns whether the system supports pcap_get_selectable_fd() properly
 bool pcap_selectable_fd_valid();
+/* Call this instead of pcap_get_selectable_fd directly (or your code
+ won't compile on Windows). On systems which don't seem to support
+ the pcap_get_selectable_fd() function properly, returns -1,
+ otherwise simply calls pcap_selectable_fd and returns the
+ results. If you just want to test whether the function is supported,
+ use pcap_selectable_fd_valid() instead. */
+int my_pcap_get_selectable_fd(pcap_t *p);
 // Returns whether the packet receive time value obtaned from libpcap
 // (and thus by readip_pcap()) should be considered valid. When