From 8bc5135d935f7d936e7fd11bd1970fe8ae0d3140 Mon Sep 17 00:00:00 2001 From: david Date: Fri, 26 Mar 2010 22:11:30 +0000 Subject: [PATCH] When iterating over the interface list on systems that have sa_len, only allow the sa_len to increase the size of the current structure, not decrease it below sizeof(struct ifreq). Doing it this way makes it work on NetBSD. This technique more or less matches that used in Unix Network Programming, 3rd Edition, section 17.6. The old implementation was likely incorrect, though it happened to work on FreeBSD. --- CHANGELOG | 6 ++++++ tcpip.cc | 10 +++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index e6b53d280..036d895a7 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,12 @@ [NOT YET RELEASED] +o Fixed reading of the interface table on NetBSD. Running nmap + --iflist would report "INTERFACES: NONE FOUND(!)" and any scan done + as root would fail with "WARNING: Unable to find appropriate + interface for system route to...". This was first reported by Jay + Fink, and had already been patched in the NetBSD pkgsrc tree. + o [NSE] The unpwdb library now has a default time limit on the usernames and passwords iterators. This will prevent brute force scripts from running for a long time when a service is slow. These diff --git a/tcpip.cc b/tcpip.cc index 4dcb0f8dd..2834b433d 100644 --- a/tcpip.cc +++ b/tcpip.cc 
@@ -3105,12 +3105,12 @@ static struct interface_info *getinterfaces_siocgifconf(int *howmany) { int rc; char *p; - /* On some platforms (such as FreeBSD), the length of each ifr changes - based on the sockaddr type used, so we get the next length now. */ -#if HAVE_SOCKADDR_SA_LEN - len = ifr->ifr_addr.sa_len + sizeof(ifr->ifr_name); -#else len = sizeof(struct ifreq); +#if HAVE_SOCKADDR_SA_LEN + /* Some platforms (such as FreeBSD) have an sa_len member that may make the + ifr longer than sizeof(struct ifreq). */ + if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_ifru)) + len += ifr->ifr_addr.sa_len - sizeof(ifr->ifr_ifru); #endif /* skip any device with no name */
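Review bot: In the CHANGELOG hunk, the new entry presents this as a NetBSD-only fix, but the tcpip.cc change sits under `#if HAVE_SOCKADDR_SA_LEN`, so the stride calculation changes on every platform that has sa_len, FreeBSD included. Since the commit message itself says the old code only "happened to work on FreeBSD", consider adding a clause to the entry saying that interface enumeration on other sa_len platforms now goes through the same corrected length calculation, so a regression report from one of those systems can be traced back to this change.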
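Review bot: In the tcpip.cc hunk of getinterfaces_siocgifconf(), the new comment documents only the case where sa_len makes the entry longer than sizeof(struct ifreq) and names only FreeBSD; it does not record the case this commit actually fixes, where sa_len is smaller than sizeof(ifr->ifr_ifru) and the old `ifr->ifr_addr.sa_len + sizeof(ifr->ifr_name)` gave a stride shorter than the structure. Suggest extending the comment to say that len must never drop below sizeof(struct ifreq) and why, so the guard `if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_ifru))` is not later "simplified" back to the old form. Separately, len is still derived from a per-entry sa_len value and the visible context does not show a check that the current entry plus len stays inside the buffer returned by the ioctl; please confirm the loop condition covers that, or add an explicit bound before the pointer is advanced.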