Lua 5.2 fixed from Daniel Miller.

http://seclists.org/nmap-dev/2012/q2/525

nselib/asn1.lua

@@ -203,7 +203,7 @@ ASN1Decoder = {
 	   if pos <= last then
 	      oid._snmp = '06'
 	      pos, octet = bin.unpack("C", encStr, pos)
-	      oid[2] = math.mod(octet, 40)
+	      oid[2] = math.fmod(octet, 40)
 	      octet = octet - oid[2]
 	      oid[1] = octet/40
 	   end
@@ -376,7 +376,7 @@ ASN1Encoder = {
 	   if val > 0 then
 	      local valStr = ""
 	      while (val > 0) do
-		 lsb = math.mod(val, 256)
+		 lsb = math.fmod(val, 256)
 		 valStr = valStr .. bin.pack("C", lsb)
 		 val = math.floor(val/256)
 	      end
@@ -394,7 +394,7 @@ ASN1Encoder = {
 	      end
 	      local valStr = ""
 	      while (tcval > 0) do
-		 lsb = math.mod(tcval, 256)
+		 lsb = math.fmod(tcval, 256)
 		 valStr = valStr .. bin.pack("C", lsb)
 		 tcval = math.floor(tcval/256)
 	      end

nselib/http.lua

@@ -174,7 +174,7 @@ end
 -- @return the token.
 local function get_token(s, offset)
   -- All characters except CTL and separators.
-  local _, i, token = s:find("^([^()<>@,;:\\\"/%[%]?={} %z\001-\031\127]+)", offset)
+  local _, i, token = s:find("^([^()<>@,;:\\\"/%[%]?={} \0\001-\031\127]+)", offset)
   if i then
     return i + 1, token
   else
@@ -218,7 +218,7 @@ local function get_quoted_string(s, offset, crlf)
       -- depending on whether it's in a header field or not. This function does
       -- not allow CRLF.
       c = s:sub(i, i)
-      if c ~= "\t" and c:match("^[%z\001-\031\127]$") then
+      if c ~= "\t" and c:match("^[\0\001-\031\127]$") then
         error(string.format("Unexpected control character in quoted-string: 0x%02X.", c:byte(1)))
       end
     end
@@ -1676,7 +1676,7 @@ local function read_token(s, pos)
 
   pos = skip_space(s, pos)
   -- 1*<any CHAR except CTLs or separators>. CHAR is only byte values 0-127.
-  _, pos, token = string.find(s, "^([^%z\001-\031()<>@,;:\\\"/?={} \t%[%]\127-\255]+)", pos)
+  _, pos, token = string.find(s, "^([^\0\001-\031()<>@,;:\\\"/?={} \t%[%]\127-\255]+)", pos)
 
   if token then
     return pos + 1, token

nselib/ipOps.lua

@@ -180,7 +180,7 @@ end
 -- @usage
 -- local a, b, c, d;
 -- local t, err = ipOps.get_parts_as_number( "139.104.32.123" )
--- if t then a, b, c, d = unpack( t ) end
+-- if t then a, b, c, d = table.unpack( t ) end
 -- @param ip  String representing an IPv4 or IPv6 address.  Shortened notation
 -- is permitted.
 -- @return   Array of numbers for each part of the supplied IP address (or

nselib/mssql.lua

@@ -2742,7 +2742,9 @@ Util =
 		
 		if ( with_headers and tbl.rows and #tbl.rows > 0 ) then
 			local headers
-			table.foreach( tbl.colinfo, function( k, v ) table.insert( col_names, v.text) end)
+			for k, v in pairs( tbl.colinfo ) do
+				table.insert( col_names, v.text)
+			end
 			headers = stdnse.strjoin("\t", col_names)
 			table.insert( new_tbl, headers)
 			headers = headers:gsub("[^%s]", "=")

nselib/mysql.lua

@@ -565,11 +565,11 @@ function formatResultset(rs, options)
 	
 	if ( not(options.noheaders) ) then
 		for _, col in ipairs(rs.cols) do table.insert(colnames, col.name) end
-		tab.addrow(restab, unpack(colnames))
+		tab.addrow(restab, table.unpack(colnames))
 	end
 	
 	for _, row in ipairs(rs.rows) do
-		tab.addrow(restab, unpack(row))
+		tab.addrow(restab, table.unpack(row))
 	end
 	
 	return tab.dump(restab)

nselib/rpc.lua

@@ -3362,8 +3362,8 @@ Util =
   -- @return the amount of pad needed to be divideable by 4
   CalcFillBytes = function(length)
       -- calculate fill bytes
-    if math.mod( length, 4 ) ~= 0 then
-      return (4 - math.mod( length, 4))
+    if math.fmod( length, 4 ) ~= 0 then
+      return (4 - math.fmod( length, 4))
     else
       return 0
     end

nselib/snmp.lua

@@ -181,7 +181,7 @@ end
 function buildGetRequest(options, ...)
    if not options then options = {} end
 
-   if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end
+   if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end
    if not options.err then options.err = 0 end
    if not options.errIdx then options.errIdx = 0 end
 
@@ -216,7 +216,7 @@ end
 function buildGetNextRequest(options, ...)
    if not options then options = {} end
 
-   if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end
+   if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end
    if not options.err then options.err = 0 end
    if not options.errIdx then options.errIdx = 0 end
 
@@ -254,7 +254,7 @@ end
 function buildSetRequest(options, oid, value)
    if not options then options = {} end
 
-	 if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end
+	 if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end
    if not options.err then options.err = 0 end
    if not options.errIdx then options.errIdx = 0 end
 
@@ -323,7 +323,7 @@ function buildGetResponse(options, oid, value)
    if not options then options = {} end
 
    -- if really a response, should use reqId of request!
-   if not options.reqId then options.reqId = math.mod(nmap.clock_ms(), 65000) end
+   if not options.reqId then options.reqId = math.fmod(nmap.clock_ms(), 65000) end
    if not options.err then options.err = 0 end
    if not options.errIdx then options.errIdx = 0 end
 

scripts/broadcast-db2-discover.nse

@@ -69,7 +69,7 @@ action = function()
 		status, data = socket:receive()
 		if( not(status) ) then break end
 		
-		local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)%z")
+		local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)\0")
 		local _, ip
 		status, _, _, ip, _ = socket:get_info()
 		if ( not(status) ) then return end

scripts/db2-discover.nse

@@ -79,7 +79,7 @@ action = function(host, port)
 		return
 	end
 		
-	local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)%z")
+	local version, srvname = data:match("DB2RETADDR.(SQL%d+).(.-)\0")
 
 	if ( status ) then
 		table.insert( result, ("Host: %s"):format(srvname) )

scripts/gkrellm-info.nse

@@ -108,7 +108,7 @@ local function decodeTag(tag, lines)
 		tab.addrow(fs_tab, "Mount point", "Fs type", "Size", "Available")
 		for _, line in ipairs(lines) do
 			if ( ".clear" ~= line ) then
-				local mount, prefix, fstype, size, free, used, bs = unpack(stdnse.strsplit("%s", line))
+				local mount, prefix, fstype, size, free, used, bs = table.unpack(stdnse.strsplit("%s", line))
 				if ( size and free and mount and fstype ) then
 					size = ("%dM"):format(math.ceil(tonumber(size) * tonumber(bs) / 1048576))
 					free = ("%dM"):format(math.ceil(tonumber(free) * tonumber(bs) / 1048576))
@@ -133,7 +133,7 @@ local function decodeTag(tag, lines)
 	elseif ( "uptime" == tag ) then
 		return ("%s: %s"):format(long_names[tag], minutesToUptime(lines[1]))
 	elseif ( "mem" == tag ) then
-		local total, used = unpack(stdnse.strsplit("%s", lines[1]))
+		local total, used = table.unpack(stdnse.strsplit("%s", lines[1]))
 		if ( not(total) or not(used) ) then
 			return
 		end
@@ -141,7 +141,7 @@ local function decodeTag(tag, lines)
 		total = math.ceil(tonumber(total)/1048576)
 		return  ("%s: Total %dM, Free %dM"):format(long_names[tag], total, free)
 	elseif ( "proc" == tag ) then
-		local procs, _, forks, load, users = unpack(stdnse.strsplit("%s", lines[1]))
+		local procs, _, forks, load, users = table.unpack(stdnse.strsplit("%s", lines[1]))
 		if ( not(procs) or not(forks) or not(load) or not(users) ) then
 			return
 		end

scripts/hostmap-bfk.nse

@@ -109,7 +109,7 @@ end
 
 -- Escape some potentially unsafe characters in a string meant to be a filename.
 function filename_escape(s)
-  return string.gsub(s, "[%z/=]", function(c)
+  return string.gsub(s, "[\0/=]", function(c)
     return string.format("=%02X", string.byte(c))
   end)
 end

scripts/http-axis2-dir-traversal.nse

@@ -70,7 +70,7 @@ end
 -- @return Table containing the names and paths of the available services
 local function get_available_services(body) 
  local services = {}
- for service in string.gfind(body, '<h4>Service%sDescription%s:%s<font%scolor="black">(.-)</font></h4>') do
+ for service in string.gmatch(body, '<h4>Service%sDescription%s:%s<font%scolor="black">(.-)</font></h4>') do
     table.insert(services, service)
   end
 

scripts/ip-geolocation-maxmind.nse

@@ -505,20 +505,20 @@ local GeoIP = {
 		start_pos = start_pos + 1
 		local end_pos = 0
 		
-		end_pos = record_buf:find("%z",start_pos)
+		end_pos = record_buf:find("\0",start_pos)
 		if start_pos ~= end_pos then 
 			record.region_name = record_buf:sub(start_pos, end_pos-1)
 		end
 		start_pos = end_pos + 1
 		
-		end_pos = record_buf:find("%z",start_pos)
+		end_pos = record_buf:find("\0",start_pos)
 		if start_pos ~= end_pos then 
 			record.city = record_buf:sub(start_pos, end_pos-1)
 		end
 		start_pos = end_pos + 1
 		
 		
-		end_pos = record_buf:find("%z",start_pos)
+		end_pos = record_buf:find("\0",start_pos)
 		if start_pos ~= end_pos then 
 			record.postal_code = record_buf:sub(start_pos, end_pos-1)
 		end

scripts/irc-botnet-channels.nse

@@ -145,7 +145,7 @@ local function irc_compose_message(prefix, command, ...)
 
 	params = {...}
 	for i, param in ipairs(params) do
-		if not string.match(param, "^[^%z\r\n :][^%z\r\n ]*$") then
+		if not string.match(param, "^[^\0\r\n :][^\0\r\n ]*$") then
 			if i < #params then
 				return nil, "Bad format for param."
 			else

scripts/jdwp-version.nse

@@ -39,10 +39,10 @@ action = function(host, port)
                 return
         end
         -- match jdwp m|JDWP-Handshake| p/$1/ v/$3/ i/$2\n$4/
-        local match = {string.match(result, "^JDWP%-Handshake%z%z..%z%z%z\1\128%z%z%z%z..([^%z\n]*)\n([^%z]*)%z%z..%z%z..%z%z..([0-9._]+)%z%z..([^%z]*)")}
+        local match = {string.match(result, "^JDWP%-Handshake\0\0..\0\0\0\1\128\0\0\0\0..([^\0\n]*)\n([^\0]*)\0\0..\0\0..\0\0..([0-9._]+)\0\0..([^\0]*)")}
         if match == nil or #match == 0 then
                 -- if we have one \128 (reply marker), it is at least not echo because the request did not contain \128
-                if (string.match(result,"^JDWP%-Handshake%z.*\128") ~= nil) then
+                if (string.match(result,"^JDWP%-Handshake\0.*\128") ~= nil) then
                     port.version.name="jdwp"
                     port.version.product="unknown"
                     nmap.set_port_version(host, port, "hardmatched")

scripts/mysql-info.nse

@@ -33,7 +33,7 @@ categories = { "default", "discovery", "safe" }
 --@param orig Start of the string
 --@return The NUL-terminated string
 local getstring = function(orig)
-    return orig:match("^([^%z]*)");
+    return orig:match("^([^\0]*)");
 end
 
 --- Converts two bytes into a number

scripts/pptp-version.nse

@@ -54,7 +54,7 @@ action = function(host, port)
 	local result
 		
 	-- check to see if the packet we got back matches the beginning of a PPTP Start-Control-Connection-Reply packet
-	result = string.match(response, "%z\156%z\001\026\043(.*)")
+	result = string.match(response, "\0\156\0\001\026\043(.*)")
 	local output
 	
 	if result ~= nil then
@@ -70,13 +70,13 @@ action = function(host, port)
 		-- get the hostname (64 octets)
 		local s3
 		s3 = string.sub(result, 24, 87)
-		hostname = string.match(s3, "(.-)%z")
+		hostname = string.match(s3, "(.-)\0")
 
 		-- get the vendor (should be 64 octets, but capture to end of the string to be safe)
 		local s4, length
 		length = #result
 		s4 = string.sub(result, 88, length)
-		vendor = string.match(s4, "(.-)%z")
+		vendor = string.match(s4, "(.-)\0")
 	
 		port.version.name = "pptp"
 		port.version.name_confidence = 10

scripts/sshv1.nse

@@ -60,7 +60,7 @@ action = function(host, port)
 		return
 	end
 
-	if  not string.match(result, "^....[%z]+\002") then
+	if  not string.match(result, "^....[\0]+\002") then
 		socket:close()
 		return
 	end