From af7da5f72dff4dead274defb81a058d6fa98a8ec Mon Sep 17 00:00:00 2001
From: david
Date: Tue, 14 Jun 2011 19:46:47 +0000
Subject: [PATCH] Don't consider any more probes after finding one of our own to localhost. There is a special test that uses IP IDs to check if a presumed reply from localhost is actually one of our own probes. However the test didn't bail out ofter finding one of these matches, so a retransmission (with a different IP ID) could match and look like a protocol reply from localhost.
---
 scan_engine.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scan_engine.cc b/scan_engine.cc
index 7f040b324..a4b767dd3 100644
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -4181,7 +4181,7 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
 /* if this is our probe we sent to localhost, then it doesn't count! */ if (sockaddr_storage_cmp(&hdr.src, &hdr.dst) == 0 && probe->ipid() == hdr.ipid)
- continue;
+ break;
 /* We got a packet from the dst host in the protocol we looked for, and it wasn't our probe to ourselves, so it must be open */
@@ -5105,7 +5105,7 @@ static int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
 /* if this is our probe we sent to localhost, then it doesn't count! */ if (sockaddr_storage_cmp(&hdr.src, &hdr.dst) == 0 && probe->ipid() == hdr.ipid)
- continue;
+ break;
 newstate = HOST_UP; current_reason = ER_PROTORESPONSE;
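Review bot: The new `break` in `get_pcap_result` only suppresses the false localhost reply if the probe whose IP ID equals `hdr.ipid` is visited before any retransmission of it. The enclosing loop starts outside this hunk, so its iteration order cannot be confirmed here; if a retransmission with a different IP ID is visited first, that iteration still falls through to the "must be open" path. The second hunk in `get_ping_pcap_result` has the same dependency, and there the fall-through sets `HOST_UP`. If the order is not guaranteed, the self-probe check should run across all outstanding probes before any of them is accepted as a match. In both places the comment should also say why the loop stops, for example `/* our own probe to localhost: stop here so a retransmission with a different IP ID cannot match this packet */`.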