diff --git a/nselib/asn1.lua b/nselib/asn1.lua index 113a8a6d3..9d259557b 100644 --- a/nselib/asn1.lua +++ b/nselib/asn1.lua @@ -203,7 +203,7 @@ ASN1Decoder = { if pos <= last then oid._snmp = '06' pos, octet = bin.unpack("C", encStr, pos) - oid[2] = math.mod(octet, 40) + oid[2] = math.fmod(octet, 40) octet = octet - oid[2] oid[1] = octet/40 end @@ -376,7 +376,7 @@ ASN1Encoder = { if val > 0 then local valStr = "" while (val > 0) do - lsb = math.mod(val, 256) + lsb = math.fmod(val, 256) valStr = valStr .. bin.pack("C", lsb) val = math.floor(val/256) end @@ -394,7 +394,7 @@ ASN1Encoder = { end local valStr = "" while (tcval > 0) do - lsb = math.mod(tcval, 256) + lsb = math.fmod(tcval, 256) valStr = valStr .. bin.pack("C", lsb) tcval = math.floor(tcval/256) end diff --git a/nselib/http.lua b/nselib/http.lua index e37b40615..f5c5e5477 100644 --- a/nselib/http.lua +++ b/nselib/http.lua @@ -174,7 +174,7 @@ end -- @return the token. local function get_token(s, offset) -- All characters except CTL and separators. - local _, i, token = s:find("^([^()<>@,;:\\\"/%[%]?={} %z\001-\031\127]+)", offset) + local _, i, token = s:find("^([^()<>@,;:\\\"/%[%]?={} \0\001-\031\127]+)", offset) if i then return i + 1, token else @@ -218,7 +218,7 @@ local function get_quoted_string(s, offset, crlf) -- depending on whether it's in a header field or not. This function does -- not allow CRLF. c = s:sub(i, i) - if c ~= "\t" and c:match("^[%z\001-\031\127]$") then + if c ~= "\t" and c:match("^[\0\001-\031\127]$") then error(string.format("Unexpected control character in quoted-string: 0x%02X.", c:byte(1))) end end @@ -1676,7 +1676,7 @@ local function read_token(s, pos) pos = skip_space(s, pos) -- 1*. CHAR is only byte values 0-127. - _, pos, token = string.find(s, "^([^%z\001-\031()<>@,;:\\\"/?={} \t%[%]\127-\255]+)", pos) + _, pos, token = string.find(s, "^([^\0\001-\031()<>@,;:\\\"/?={} \t%[%]\127-\255]+)", pos) if token then return pos + 1, token diff --git a/nselib/ipOps.lua b/nselib/ipOps.lua index 77303c32f..9e5f8ff02 100644 --- a/nselib/ipOps.lua +++ b/nselib/ipOps.lua @@ -180,7 +180,7 @@ end -- @usage -- local a, b, c, d; -- local t, err = ipOps.get_parts_as_number( "139.104.32.123" ) --- if t then a, b, c, d = unpack( t ) end +-- if t then a, b, c, d = table.unpack( t ) end -- @param ip String representing an IPv4 or IPv6 address. Shortened notation -- is permitted. -- @return Array of numbers for each part of the supplied IP address (or diff --git a/nselib/mssql.lua b/nselib/mssql.lua index a588ad1fa..198bfbb21 100644 --- a/nselib/mssql.lua +++ b/nselib/mssql.lua @@ -2742,7 +2742,9 @@ Util = if ( with_headers and tbl.rows and #tbl.rows > 0 ) then local headers - table.foreach( tbl.colinfo, function( k, v ) table.insert( col_names, v.text) end) + for k, v in pairs( tbl.colinfo ) do + table.insert( col_names, v.text) + end headers = stdnse.strjoin("\t", col_names) table.insert( new_tbl, headers) headers = headers:gsub("[^%s]", "=") diff --git a/nselib/mysql.lua b/nselib/mysql.lua index f1a8915a7..ce6052192 100644 --- a/nselib/mysql.lua +++ b/nselib/mysql.lua @@ -565,11 +565,11 @@ function formatResultset(rs, options) if ( not(options.noheaders) ) then for _, col in ipairs(rs.cols) do table.insert(colnames, col.name) end - tab.addrow(restab, unpack(colnames)) + tab.addrow(restab, table.unpack(colnames)) end for _, row in ipairs(rs.rows) do - tab.addrow(restab, unpack(row)) + tab.addrow(restab, table.unpack(row)) end return tab.dump(restab) diff --git a/nselib/rpc.lua b/nselib/rpc.lua index c2dbf4c69..5d3ab40fb 100644 --- a/nselib/rpc.lua +++ b/nselib/rpc.lua @@ -3362,8 +3362,8 @@ Util = -- @return the amount of pad needed to be divideable by 4 CalcFillBytes = function(length) -- calculate fill bytes - if math.mod( length, 4 ) ~= 0 then - return (4 - math.mod( length, 4)) + if math.fmod( length, 4 ) ~= 0 then + return (4 - math.fmod( length, 4)) else return 0 end diff --git a/nselib/snmp.lua b/nselib/snmp.lua index d96b9d7cb..2bf4c5f07 100644 --- a/nselib/snmp.lua +++ b/nselib/snmp.lua @@ -181,7 +181,7 @@ end function buildGetRequest(options, ...) if not options then options = {} end - if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end + if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end if not options.err then options.err = 0 end if not options.errIdx then options.errIdx = 0 end @@ -216,7 +216,7 @@ end function buildGetNextRequest(options, ...) if not options then options = {} end - if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end + if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end if not options.err then options.err = 0 end if not options.errIdx then options.errIdx = 0 end @@ -254,7 +254,7 @@ end function buildSetRequest(options, oid, value) if not options then options = {} end - if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end + if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end if not options.err then options.err = 0 end if not options.errIdx then options.errIdx = 0 end @@ -323,7 +323,7 @@ function buildGetResponse(options, oid, value) if not options then options = {} end -- if really a response, should use reqId of request! - if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end + if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end if not options.err then options.err = 0 end if not options.errIdx then options.errIdx = 0 end diff --git a/scripts/broadcast-db2-discover.nse b/scripts/broadcast-db2-discover.nse index 2ba67f362..61ec17bda 100644 --- a/scripts/broadcast-db2-discover.nse +++ b/scripts/broadcast-db2-discover.nse @@ -69,7 +69,7 @@ action = function() status, data = socket:receive() if( not(status) ) then break end - local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)%z") + local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)\0") local _, ip status, _, _, ip, _ = socket:get_info() if ( not(status) ) then return end diff --git a/scripts/db2-discover.nse b/scripts/db2-discover.nse index 524273a8d..d380eb97b 100644 --- a/scripts/db2-discover.nse +++ b/scripts/db2-discover.nse @@ -79,7 +79,7 @@ action = function(host, port) return end - local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)%z") + local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)\0") if ( status ) then table.insert( result, ("Host: %s"):format(srvname) ) diff --git a/scripts/gkrellm-info.nse b/scripts/gkrellm-info.nse index 2af9f18eb..2863098c8 100644 --- a/scripts/gkrellm-info.nse +++ b/scripts/gkrellm-info.nse @@ -108,7 +108,7 @@ local function decodeTag(tag, lines) tab.addrow(fs_tab, "Mount point", "Fs type", "Size", "Available") for _, line in ipairs(lines) do if ( ".clear" ~= line ) then - local mount, prefix, fstype, size, free, used, bs = unpack(stdnse.strsplit("%s", line)) + local mount, prefix, fstype, size, free, used, bs = table.unpack(stdnse.strsplit("%s", line)) if ( size and free and mount and fstype ) then size = ("%dM"):format(math.ceil(tonumber(size) * tonumber(bs) / 1048576)) free = ("%dM"):format(math.ceil(tonumber(free) * tonumber(bs) / 1048576)) @@ -133,7 +133,7 @@ local function decodeTag(tag, lines) elseif ( "uptime" == tag ) then return ("%s: %s"):format(long_names[tag], minutesToUptime(lines[1])) elseif ( "mem" == tag ) then - local total, used = unpack(stdnse.strsplit("%s", lines[1])) + local total, used = table.unpack(stdnse.strsplit("%s", lines[1])) if ( not(total) or not(used) ) then return end @@ -141,7 +141,7 @@ local function decodeTag(tag, lines) total = math.ceil(tonumber(total)/1048576) return ("%s: Total %dM, Free %dM"):format(long_names[tag], total, free) elseif ( "proc" == tag ) then - local procs, _, forks, load, users = unpack(stdnse.strsplit("%s", lines[1])) + local procs, _, forks, load, users = table.unpack(stdnse.strsplit("%s", lines[1])) if ( not(procs) or not(forks) or not(load) or not(users) ) then return end diff --git a/scripts/hostmap-bfk.nse b/scripts/hostmap-bfk.nse index 937e45614..edc82eaca 100644 --- a/scripts/hostmap-bfk.nse +++ b/scripts/hostmap-bfk.nse @@ -109,7 +109,7 @@ end -- Escape some potentially unsafe characters in a string meant to be a filename. function filename_escape(s) - return string.gsub(s, "[%z/=]", function(c) + return string.gsub(s, "[\0/=]", function(c) return string.format("=%02X", string.byte(c)) end) end diff --git a/scripts/http-axis2-dir-traversal.nse b/scripts/http-axis2-dir-traversal.nse index 348d045d1..bcd3d9eb5 100644 --- a/scripts/http-axis2-dir-traversal.nse +++ b/scripts/http-axis2-dir-traversal.nse @@ -70,7 +70,7 @@ end -- @return Table containing the names and paths of the available services local function get_available_services(body) local services = {} - for service in string.gfind(body, '

Service%sDescription%s:%s(.-)

') do + for service in string.gmatch(body, '

Service%sDescription%s:%s(.-)

') do table.insert(services, service) end diff --git a/scripts/ip-geolocation-maxmind.nse b/scripts/ip-geolocation-maxmind.nse index 51639fb7d..d8311fa94 100644 --- a/scripts/ip-geolocation-maxmind.nse +++ b/scripts/ip-geolocation-maxmind.nse @@ -505,20 +505,20 @@ local GeoIP = { start_pos = start_pos + 1 local end_pos = 0 - end_pos = record_buf:find("%z",start_pos) + end_pos = record_buf:find("\0",start_pos) if start_pos ~= end_pos then record.region_name = record_buf:sub(start_pos, end_pos-1) end start_pos = end_pos + 1 - end_pos = record_buf:find("%z",start_pos) + end_pos = record_buf:find("\0",start_pos) if start_pos ~= end_pos then record.city = record_buf:sub(start_pos, end_pos-1) end start_pos = end_pos + 1 - end_pos = record_buf:find("%z",start_pos) + end_pos = record_buf:find("\0",start_pos) if start_pos ~= end_pos then record.postal_code = record_buf:sub(start_pos, end_pos-1) end diff --git a/scripts/irc-botnet-channels.nse b/scripts/irc-botnet-channels.nse index a69bbd8f5..3e8fc5d21 100644 --- a/scripts/irc-botnet-channels.nse +++ b/scripts/irc-botnet-channels.nse @@ -145,7 +145,7 @@ local function irc_compose_message(prefix, command, ...) params = {...} for i, param in ipairs(params) do - if not string.match(param, "^[^%z\r\n :][^%z\r\n ]*$") then + if not string.match(param, "^[^\0\r\n :][^\0\r\n ]*$") then if i < #params then return nil, "Bad format for param." else diff --git a/scripts/jdwp-version.nse b/scripts/jdwp-version.nse index 8944beb1f..4ccc5e513 100644 --- a/scripts/jdwp-version.nse +++ b/scripts/jdwp-version.nse @@ -39,10 +39,10 @@ action = function(host, port) return end -- match jdwp m|JDWP-Handshake| p/$1/ v/$3/ i/$2\n$4/ - local match = {string.match(result, "^JDWP%-Handshake%z%z..%z%z%z\1\128%z%z%z%z..([^%z\n]*)\n([^%z]*)%z%z..%z%z..%z%z..([0-9._]+)%z%z..([^%z]*)")} + local match = {string.match(result, "^JDWP%-Handshake\0\0..\0\0\0\1\128\0\0\0\0..([^\0\n]*)\n([^\0]*)\0\0..\0\0..\0\0..([0-9._]+)\0\0..([^\0]*)")} if match == nil or #match == 0 then -- if we have one \128 (reply marker), it is at least not echo because the request did not contain \128 - if (string.match(result,"^JDWP%-Handshake%z.*\128") ~= nil) then + if (string.match(result,"^JDWP%-Handshake\0.*\128") ~= nil) then port.version.name="jdwp" port.version.product="unknown" nmap.set_port_version(host, port, "hardmatched") diff --git a/scripts/mysql-info.nse b/scripts/mysql-info.nse index 202663f3f..98440474a 100644 --- a/scripts/mysql-info.nse +++ b/scripts/mysql-info.nse @@ -33,7 +33,7 @@ categories = { "default", "discovery", "safe" } --@param orig Start of the string --@return The NUL-terminated string local getstring = function(orig) - return orig:match("^([^%z]*)"); + return orig:match("^([^\0]*)"); end --- Converts two bytes into a number diff --git a/scripts/pptp-version.nse b/scripts/pptp-version.nse index 8cb5abec0..243213c81 100644 --- a/scripts/pptp-version.nse +++ b/scripts/pptp-version.nse @@ -54,7 +54,7 @@ action = function(host, port) local result -- check to see if the packet we got back matches the beginning of a PPTP Start-Control-Connection-Reply packet - result = string.match(response, "%z\156%z\001\026\043(.*)") + result = string.match(response, "\0\156\0\001\026\043(.*)") local output if result ~= nil then @@ -70,13 +70,13 @@ action = function(host, port) -- get the hostname (64 octets) local s3 s3 = string.sub(result, 24, 87) - hostname = string.match(s3, "(.-)%z") + hostname = string.match(s3, "(.-)\0") -- get the vendor (should be 64 octets, but capture to end of the string to be safe) local s4, length length = #result s4 = string.sub(result, 88, length) - vendor = string.match(s4, "(.-)%z") + vendor = string.match(s4, "(.-)\0") port.version.name = "pptp" port.version.name_confidence = 10 diff --git a/scripts/sshv1.nse b/scripts/sshv1.nse index 8dab47ee6..323d54c99 100644 --- a/scripts/sshv1.nse +++ b/scripts/sshv1.nse @@ -60,7 +60,7 @@ action = function(host, port) return end - if not string.match(result, "^....[%z]+\002") then + if not string.match(result, "^....[\0]+\002") then socket:close() return end