portability fixes, fixed UDP phantom port bug, fixed --version-intensity crash, changed mass_dns to give warning rather than error if cannot find dns servers

2025-12-06 04:31:29 +00:00 · 2006-06-10 21:23:27 +00:00
parent 1b54cfc578
commit 5a9fea3b39
14 changed files with 178 additions and 10 deletions
--- a/17
+++ b/17
@@ -5,6 +5,23 @@ o Updated nmap-mac-prefixes to reflect the latest OUI DB from the IEEE
  Also added a couple unregistered OUI's (for QEMU and Bochs)
  suggested by Robert Millan (rmh(a)aybabtu.com).

+o Fixed a bug which could cause false "open" ports when doing a UDP
+  scan of localhost. This usually only happened when you scan tens of
+  thousands of ports (e.g. -p- option).
+
+o Fixed a bug in service detection which could lead to a crash when
+  "--version-intensity 0" was used with a UDP scan.  Thanks to Makoto
+  Shiotsuki (shio(a)st.rim.or.jp) for reporting the problem and Doug
+  Hoyte for producing a patch.
+
+o Made some AIX and HP-UX portability fixes to Libdnet and NmapFE.
+  These were sent in by Peter O'Gorman
+  (nmap-dev(a)mlists.thewrittenword.com).
+
+o Changed mass_dns system to print a warning if it can't find any
+  available DNS servers, but not quit like it used to.  Thanks to Doug
+  Hoyte for the patch.
+
 Nmap 4.04BETA1

 o Integrated all of your submissions (about a thousand) from the first
--- a/docs/nmap.dtd
+++ b/docs/nmap.dtd
@@ -78,7 +78,7 @@
 			start		%attr_numeric;	#IMPLIED
 			startstr	CDATA	        #IMPLIED
 			version		CDATA		#REQUIRED
-			xmloutputversion (1.02)		#REQUIRED
+			xmloutputversion (1.01)		#REQUIRED
 >

 <!-- this element is written in output.c:doscaninfo() -->
--- a/libdnet-stripped/NMAP_MODIFICATIONS
+++ b/libdnet-stripped/NMAP_MODIFICATIONS
@@ -185,3 +185,115 @@ o Consider Windows interfaces to be down if they are disconnected, unreachable,
                entry->intf_flags |= INTF_FLAG_UP;
        if (ifrow->dwType == MIB_IF_TYPE_LOOPBACK)
                entry->intf_flags |= INTF_FLAG_LOOPBACK;
+
+o Made some AIX/HP-UX portability changes sent in by Peter O'Gorman
+(nmap-dev@mlists.thewrittenword.com):
+
+
+Index: include/dnet/ip6.h
+===================================================================
+--- include/dnet/ip6.h  (revision 3309)
+++ include/dnet/ip6.h  (working copy)
+@@ -25,7 +25,9 @@
+ } ip6_addr_t;
+
+ #ifndef __GNUC__
+#ifndef __attribute__
+ # define __attribute__(x)
+#endif
+ # pragma pack(1)
+ #endif
+
+Index: include/dnet/ip.h
+===================================================================
+--- include/dnet/ip.h   (revision 3309)
+++ include/dnet/ip.h   (working copy)
+@@ -25,7 +25,9 @@
+ typedef uint32_t       ip_addr_t;
+
+ #ifndef __GNUC__
+#ifndef __attribute__
+ # define __attribute__(x)
+#endif
+ # pragma pack(1)
+ #endif
+
+Index: include/dnet/arp.h
+===================================================================
+--- include/dnet/arp.h  (revision 3309)
+++ include/dnet/arp.h  (working copy)
+@@ -16,7 +16,9 @@
+ #define ARP_ETHIP_LEN  20      /* base ARP message length */
+
+ #ifndef __GNUC__
+#ifndef __attribute__
+ # define __attribute__(x)
+#endif
+ # pragma pack(1)
+ #endif
+
+Index: include/dnet/tcp.h
+===================================================================
+--- include/dnet/tcp.h  (revision 3309)
+++ include/dnet/tcp.h  (working copy)
+@@ -17,7 +17,9 @@
+ #define TCP_HDR_LEN_MAX        (TCP_HDR_LEN + TCP_OPT_LEN_MAX)
+
+ #ifndef __GNUC__
+#ifndef __attribute__
+ # define __attribute__(x)
+#endif
+ # pragma pack(1)
+ #endif
+
+Index: include/dnet/icmp.h
+===================================================================
+--- include/dnet/icmp.h (revision 3309)
+++ include/dnet/icmp.h (working copy)
+@@ -16,7 +16,9 @@
+ #define ICMP_LEN_MIN   8       /* minimum ICMP message size, with header */
+
+ #ifndef __GNUC__
+#ifndef __attribute__
+ # define __attribute__(x)
+#endif
+ # pragma pack(1)
+ #endif
+
+Index: src/arp-ioctl.c
+===================================================================
+--- src/arp-ioctl.c     (revision 3309)
+++ src/arp-ioctl.c     (working copy)
+@@ -383,7 +383,7 @@
+        }
+        return (ret);
+ }
+-#elif defined(HAVE_NET_RADIX_H)
+#elif defined(HAVE_NET_RADIX_H) && !defined(_AIX)
+ /* XXX - Tru64, others? */
+ #include <netinet/if_ether.h>
+ #include <nlist.h>
+Index: src/intf.c
+===================================================================
+--- src/intf.c  (revision 3309)
+++ src/intf.c  (working copy)
+@@ -284,7 +284,9 @@
+        /* Set interface MTU. */
+        if (entry->intf_mtu != 0) {
+                ifr.ifr_mtu = entry->intf_mtu;
+#ifdef SIOCSIFMTU
+                if (ioctl(intf->fd, SIOCSIFMTU, &ifr) < 0)
+#endif
+                        return (-1);
+        }
+        /* Set interface address. */
+@@ -396,7 +398,9 @@
+        _intf_set_type(entry);
+
+        /* Get interface MTU. */
+#ifdef SIOCGIFMTU
+        if (ioctl(intf->fd, SIOCGIFMTU, &ifr) < 0)
+#endif
+                return (-1);
+        entry->intf_mtu = ifr.ifr_mtu;
+
--- a/libdnet-stripped/include/dnet/arp.h
+++ b/libdnet-stripped/include/dnet/arp.h
@@ -16,7 +16,9 @@
 #define ARP_ETHIP_LEN	20	/* base ARP message length */

 #ifndef __GNUC__
+#ifndef __attribute__
 # define __attribute__(x)
+#endif
 # pragma pack(1)
 #endif

--- a/libdnet-stripped/include/dnet/icmp.h
+++ b/libdnet-stripped/include/dnet/icmp.h
@@ -16,7 +16,9 @@
 #define ICMP_LEN_MIN	8	/* minimum ICMP message size, with header */

 #ifndef __GNUC__
+#ifndef __attribute__
 # define __attribute__(x)
+#endif
 # pragma pack(1)
 #endif

--- a/libdnet-stripped/include/dnet/ip.h
+++ b/libdnet-stripped/include/dnet/ip.h
@@ -25,7 +25,9 @@
 typedef uint32_t	ip_addr_t;

 #ifndef __GNUC__
+#ifndef __attribute__
 # define __attribute__(x)
+#endif
 # pragma pack(1)
 #endif

--- a/libdnet-stripped/include/dnet/ip6.h
+++ b/libdnet-stripped/include/dnet/ip6.h
@@ -25,7 +25,9 @@ typedef struct ip6_addr {
 } ip6_addr_t;

 #ifndef __GNUC__
+#ifndef __attribute__
 # define __attribute__(x)
+#endif
 # pragma pack(1)
 #endif

--- a/libdnet-stripped/include/dnet/tcp.h
+++ b/libdnet-stripped/include/dnet/tcp.h
@@ -17,7 +17,9 @@
 #define TCP_HDR_LEN_MAX	(TCP_HDR_LEN + TCP_OPT_LEN_MAX)

 #ifndef __GNUC__
+#ifndef __attribute__
 # define __attribute__(x)
+#endif
 # pragma pack(1)
 #endif

--- a/libdnet-stripped/src/arp-ioctl.c
+++ b/libdnet-stripped/src/arp-ioctl.c
@@ -383,7 +383,7 @@ arp_loop(arp_t *r, arp_handler callback, void *arg)
 	}
 	return (ret);
 }
-#elif defined(HAVE_NET_RADIX_H)
+#elif defined(HAVE_NET_RADIX_H) && !defined(_AIX)
 /* XXX - Tru64, others? */
 #include <netinet/if_ether.h>
 #include <nlist.h>
--- a/libdnet-stripped/src/intf.c
+++ b/libdnet-stripped/src/intf.c
@@ -284,7 +284,9 @@ intf_set(intf_t *intf, const struct intf_entry *entry)
 	/* Set interface MTU. */
 	if (entry->intf_mtu != 0) {
 		ifr.ifr_mtu = entry->intf_mtu;
+#ifdef SIOCSIFMTU
 		if (ioctl(intf->fd, SIOCSIFMTU, &ifr) < 0)
+#endif
 			return (-1);
 	}
 	/* Set interface address. */
@@ -396,7 +398,9 @@ _intf_get_noalias(intf_t *intf, struct intf_entry *entry)
 	_intf_set_type(entry);
 	
 	/* Get interface MTU. */
+#ifdef SIOCGIFMTU
 	if (ioctl(intf->fd, SIOCGIFMTU, &ifr) < 0)
+#endif
 		return (-1);
 	entry->intf_mtu = ifr.ifr_mtu;

--- a/nmap_dns.cc
+++ b/nmap_dns.cc
@@ -285,6 +285,7 @@ static struct timeval starttv;
 static int read_timeout_index;
 static u16 id_counter;

+static int firstrun=1;
 static ScanProgressMeter *SPM;


@@ -847,8 +848,10 @@ void win32_read_registry(char *controlset) {

  snprintf(keybasebuf, sizeof(keybasebuf), "SYSTEM\\%s\\Services\\Tcpip\\Parameters", controlset);
  if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, keybasebuf,
-                    0, KEY_READ, &hKey) != ERROR_SUCCESS)
-    fatal("Error opening registry to read DNS servers. Try using --system-dns or specify valid servers with --dns-servers");
+                    0, KEY_READ, &hKey) != ERROR_SUCCESS) {
+    if (firstrun) error("mass_dns: warning: Error opening registry to read DNS servers. Try using --system-dns or specify valid servers with --dns-servers");
+    return;
+  }

  sz = sizeof(buf);
  if (RegQueryValueEx(hKey, "NameServer", NULL, NULL, (LPBYTE) buf, (LPDWORD) &sz) == ERROR_SUCCESS)
@@ -907,7 +910,8 @@ static void parse_resolvdotconf() {

  fp = fopen("/etc/resolv.conf", "r");
  if (fp == NULL) {
-    fatal("Unable to open /etc/resolv.conf. Try using --system-dns or specify valid servers with --dns-servers");
+    if (firstrun) error("mass_dns: warning: Unable to open /etc/resolv.conf. Try using --system-dns or specify valid servers with --dns-servers");
+    return;
  }

  while (fgets(buf, sizeof(buf), fp)) {
@@ -1064,8 +1068,7 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
    if (o.dns_servers) add_dns_server(o.dns_servers);
    else parse_resolvdotconf();

-    if (servs.size() == 0)
-      fatal("Unable to determine any DNS servers. Try using --system-dns or specify valid servers with --dns_servers");
+    if (servs.size() == 0 && firstrun) error("mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns_servers");
  }


@@ -1099,7 +1102,7 @@ static void nmap_mass_rdns_core(Target **targets, int num_targets) {
    total_reqs++;
  }

-  if (total_reqs == 0) return;
+  if (total_reqs == 0 || servs.size() == 0) return;

  // And finally, do it!

@@ -1212,4 +1215,6 @@ void nmap_mass_rdns(Target **targets, int num_targets) {
      log_write(LOG_STDOUT, "DNS resolution of %d IPs took %.2fs.\n", stat_actual, TIMEVAL_MSEC_SUBTRACT(now, starttv) / 1000.0);
    }
  }
+
+  firstrun=0;
 }
--- a/nmapfe/nmapfe_sig.c
+++ b/nmapfe/nmapfe_sig.c
@@ -230,9 +230,10 @@ saveLog (char *filename)
    if (filename && *filename) {
        FILE *file;
        if ((file = fopen(filename, "w"))) {
+	  gchar *text;
            gtk_text_buffer_get_start_iter(opt.buffer, &start);
            gtk_text_buffer_get_end_iter(opt.buffer, &end);
-            gchar *text = gtk_text_buffer_get_text(opt.buffer,
+            text = gtk_text_buffer_get_text(opt.buffer,
                    &start, &end, FALSE);

            fputs(text, file);
@@ -267,7 +268,7 @@ void openLog(char *filename)
 void okButton_clicked_cb(GtkWidget *window, GtkButton *button)
 {
 const char *selected = gtk_file_selection_get_filename(GTK_FILE_SELECTION(window));
-void (*action)() = g_object_get_data(G_OBJECT(window), "NmapFE_action");
+void (*action)() = (void (*)())g_object_get_data(G_OBJECT(window), "NmapFE_action");
 GtkEntry *entry = g_object_get_data(G_OBJECT(window), "NmapFE_entry");
 char *filename = g_object_get_data(G_OBJECT(window), "NmapFE_filename");

--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -3092,6 +3092,14 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
 	    hss->target->v4sourceip()->s_addr != ip->ip_dst.s_addr)
 	  continue;
 	
+	/* Sometimes we get false results when scanning localhost with
+	   -p- because we scan localhost with src port = dst port and
+	   see our outgoing packet and think it is a response. */
+	if (probe->dport() == probe->sport() && 
+	    ip->ip_src.s_addr == ip->ip_dst.s_addr && 
+	    probe->ipid() == ip->ip_id)
+	  continue; /* We saw the packet we ourselves sent */
+
 	newstate = PORT_OPEN;
 	goodone = true;
      }
--- a/service_scan.cc
+++ b/service_scan.cc
@@ -1908,6 +1908,7 @@ static int launchSomeServiceProbes(nsock_pool nsp, ServiceGroup *SG) {
  ServiceProbe *nextprobe;
  struct sockaddr_storage ss;
  size_t ss_len;
+  static int warn_no_scanning=1;

  while (SG->services_in_progress.size() < SG->ideal_parallelism &&
 	 !SG->services_remaining.empty()) {
@@ -1918,6 +1919,16 @@ static int launchSomeServiceProbes(nsock_pool nsp, ServiceGroup *SG) {
      continue;
    }
    nextprobe = svc->nextProbe(true);
+
+    if (nextprobe == NULL) {
+      if (warn_no_scanning && o.debugging) {
+        printf("Service scan: Not probing some ports due to low intensity\n");
+        warn_no_scanning=0;
+      }
+      end_svcprobe(nsp, PROBESTATE_FINISHED_NOMATCH, SG, svc, NULL);
+      continue;
+    }
+
    // We start by requesting a connection to the target
    if ((svc->niod = nsi_new(nsp, svc)) == NULL) {
      fatal("Failed to allocate Nsock I/O descriptor in launchSomeServiceProbes()");