From 4d73305a5a29d437b7d2b71f6bd5500f0b3602e2 Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 26 Mar 2009 14:28:53 +0000
Subject: [PATCH] Add a fix in the calculation of the SEQ.CI test submitted by
 Guillaume Prigent. The CI samples could sometimes be written into the TI
 array. This would happen if there were any holes in the original CI array.

---
 CHANGELOG  | 5 +++++
 osscan2.cc | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index 345665406..bd595d9e0 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,10 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o Version 4.85BETA4 had a bug in the implementation of the new SEQ.CI
+  test that could cause a closed-port IP ID to be written into the
+  array for the SEQ.TI test and cause erroneous results. The bug was
+  found and fixed by Guillaume Prigent.
+
 o Nbase has grown routines for calculating Adler32 and CRC32C
   checksums. [Daniel Roethlisberger]
 
diff --git a/osscan2.cc b/osscan2.cc
index f86ce0e2f..e2ca1718a 100644
--- a/osscan2.cc
+++ b/osscan2.cc
@@ -1826,7 +1826,7 @@ void HostOsScan::makeTSeqFP(HostOsScanStats *hss) {
     
     if (hss->ipid.tcp_closed_ipids[i] != -1) {
       if (good_tcp_closed_ipid_num < i) {
-        hss->ipid.tcp_ipids[good_tcp_closed_ipid_num] = hss->ipid.tcp_closed_ipids[i];
+        hss->ipid.tcp_closed_ipids[good_tcp_closed_ipid_num] = hss->ipid.tcp_closed_ipids[i];
       }
       good_tcp_closed_ipid_num++;
     }