PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 20:29:03 +00:00
Code Issues Projects Releases Wiki Activity

Don't use the clobbered rtmsg->rtm_family to look up interfaces.

Browse Source 
This value gets clobbered after the netlink recvmsg. It was giving me a
bogus address family (234), which caused the call to getInterfaceByName
to fail:
Could not find interface wlan0 which was specified by -e

This seems to have been exposed by r29754. Specifying a source address
that is not on any actual route seems to result in a netlink query
result with 0 entries, and the changed value of rtm_family. (The fact
that there are no routes returned is not a problem, because we bail out
early when -e is given, now that getInterfaceByName works again.)
This commit is contained in:
david
2012-09-11 23:50:21 +00:00
parent 84fc27ee2d
commit b5b558f162
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libnetutil/netutil.cc
View File

@@ -3138,14 +3138,14 @@ static int route_dst_netlink(const struct sockaddr_storage *dst,
struct interface_info *ii;
ii = NULL;
if (device != NULL && device[0] != '\0') {
ii = getInterfaceByName(device, rtmsg->rtm_family);
ii = getInterfaceByName(device, dst->ss_family);
if (ii == NULL)
netutil_fatal("Could not find interface %s which was specified by -e", device);
}
for (rtattr = RTM_RTA(rtmsg); RTA_OK(rtattr, len); rtattr = RTA_NEXT(rtattr, len)) {
if (rtattr->rta_type == RTA_GATEWAY) {
rc = set_sockaddr(&rnfo->nexthop, rtmsg->rtm_family, RTA_DATA(rtattr));
rc = set_sockaddr(&rnfo->nexthop, dst->ss_family, RTA_DATA(rtattr));
assert(rc != -1);
/* Don't consider it directly connected if nexthop != dst. */
if (!sockaddr_storage_equal(dst, &rnfo->nexthop))
@@ -3158,11 +3158,11 @@ static int route_dst_netlink(const struct sockaddr_storage *dst,
intf_index = *(int *) RTA_DATA(rtattr);
p = if_indextoname(intf_index, namebuf);
assert(p != NULL);
ii = getInterfaceByName(namebuf, rtmsg->rtm_family);
ii = getInterfaceByName(namebuf, dst->ss_family);
if (ii == NULL)
netutil_fatal("%s: can't find interface \"%s\"", __func__, namebuf);
} else if (rtattr->rta_type == RTA_PREFSRC && rnfo->srcaddr.ss_family == AF_UNSPEC) {
rc = set_sockaddr(&rnfo->srcaddr, rtmsg->rtm_family, RTA_DATA(rtattr));
rc = set_sockaddr(&rnfo->srcaddr, dst->ss_family, RTA_DATA(rtattr));
assert(rc != -1);
}
}