From 9635eabb9f3f8c6bc4bc7ba4121ac55ba37b53c4 Mon Sep 17 00:00:00 2001
From: nnposter
Date: Fri, 17 Jul 2020 20:46:52 +0000
Subject: [PATCH] Use correct default buffer position. Closes #2084

---
 CHANGELOG       | 3 +++
 nselib/mqtt.lua | 17 ++++-------------
 2 files changed, 7 insertions(+), 13 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 6613adfb4..98b692279 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#2084] MQTT library was using incorrect position when parsing
+  received responses [tatulea]
+
 o Allow resuming IPv6 scans with --resume. The address parsing was assuming
   IPv4 addresses, leading to "Unable to parse ip" error. In a related fix,
   MAC addresses will not be parsed as IP addresses when resuming from XML. [Daniel Miller]
diff --git a/nselib/mqtt.lua b/nselib/mqtt.lua
index 822ef680a..7c1695d7c 100644
--- a/nselib/mqtt.lua
+++ b/nselib/mqtt.lua
@@ -294,14 +294,11 @@ Comm = {
   parse = function(self, buf, pos)
     assert(type(buf) == "string")
 
-    if not pos then
-      pos = 0
-    end
+    pos = pos or 1
     assert(type(pos) == "number")
-    assert(pos < #buf)
 
     -- Parse the type and flags of the control packet's fixed header.
-    if #buf - pos + 1 < 1 then
+    if pos > #buf then
       return false, "Failed to parse control packet."
     end
     local type_and_flags, pos = string.unpack("B", buf, pos)
@@ -836,11 +833,8 @@ MQTT.length_parse = function(buf, pos)
     return false, "Cannot parse an empty string."
   end
 
-  if not pos or pos == 0 then
-    pos = 1
-  end
+  pos = pos or 1
   assert(type(pos) == "number")
-  assert(pos <= #buf)
 
   local multiplier = 1
   local offset = 0
@@ -904,11 +898,8 @@ MQTT.utf8_parse = function(buf, pos)
     return false, "Cannot parse a string of less than two bytes."
   end
 
-  if not pos or pos == 0 then
-    pos = 1
-  end
+  pos = pos or 1
   assert(type(pos) == "number")
-  assert(pos <= #buf)
 
   local buf_length = buf:len()
   if pos > buf_length - 1 then
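Review bot: The new guard `if pos > #buf then` in Comm.parse only bounds pos from above, so a caller passing 0 — which `pos = pos or 1` no longer normalises, because 0 is truthy in Lua — or a negative value reaches `string.unpack("B", buf, pos)` unchecked; with the Lua 5.3 string library a start position of 0 makes string.unpack raise "initial position out of string" instead of yielding the `false, msg` return this function promises, and a negative position is silently taken relative to the end of buf. Changing the guard to `if pos < 1 or pos > #buf then` closes both cases at the cost of one comparison. The same lower-bound gap exists in the MQTT.length_parse and MQTT.utf8_parse hunks, where the removed `if not pos or pos == 0 then pos = 1 end` explicitly tolerated 0 and the replacement `pos = pos or 1` does not, so any caller that still passes 0 now errors rather than parsing from the start. The body of parse continues beyond the hunk.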
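Review bot: Removing `assert(pos <= #buf)` from MQTT.length_parse leaves no check visible in this hunk that pos lies inside buf, whereas Comm.parse received a replacement `if pos > #buf then` guard in the same commit and MQTT.utf8_parse already has `if pos > buf_length - 1 then` right after the edited lines. Whether an out-of-range pos in length_parse now comes back as a `false, msg` return or as a raised string.unpack error therefore depends on the decode loop that presumably follows the `local multiplier = 1` / `local offset = 0` initialisation outside the hunk. Since this function decodes the remaining-length field of packets received from the peer, it is worth confirming and, if unguarded, adding `if pos > #buf then return false, "Cannot parse an empty string." end` (or a more specific message) directly after the type assertion. The function body continues outside the hunk.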