From be9c6d96ee3285d7dcbced539282c8a8132dcea7 Mon Sep 17 00:00:00 2001
From: dmiller
Date: Tue, 21 May 2024 18:49:36 +0000
Subject: [PATCH] Handle ENETDOWN in service scan. Generally do not fatal() on socket errors there.
---
 service_scan.cc | 41 +++++++++++++++++++++++------------------
 1 file changed, 23 insertions(+), 18 deletions(-)
diff --git a/service_scan.cc b/service_scan.cc
index 8c0f9b20f..9be8105fa 100644
--- a/service_scan.cc
+++ b/service_scan.cc
@@ -2584,6 +2584,7 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
 } else if (status == NSE_STATUS_ERROR) {
 // Errors might happen in some cases ... I'll worry about later
 int err = nse_errorcode(nse);
+ bool show_err = true;
 switch(err) {
 case ECONNRESET:
 case ECONNREFUSED: // weird to get this on a connected socket (shrug) but
@@ -2599,22 +2600,6 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
 startNextProbe(nsp, nsi, SG, svc, true);
 }
 break;
-#ifdef EHOSTDOWN
- case EHOSTDOWN: // ICMP_HOST_UNKNOWN
-#endif
-#ifdef ENONET
- case ENONET: // ICMP_HOST_ISOLATED
-#endif
- /* EHOSTDOWN and ENONET can be the result of forged ICMP responses.
- * We should probably give up on this port.
- */
- case ENETUNREACH:
- case EHOSTUNREACH:
- // That is funny. The port scanner listed the port as open. Maybe it got unplugged, or firewalled us, or did
- // something else nasty during the scan. Shrug. I'll give up on this port
- svc->tcpwrap_possible = false;
- end_svcprobe(PROBESTATE_INCOMPLETE, SG, svc, nsi);
- break;
 #ifdef ENOPROTOOPT
 case ENOPROTOOPT: // ICMP_PROT_UNREACH
 #endif
@@ -2645,9 +2630,29 @@ static void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *myda
 // hardcoded to EIO). I'll just try the next probe.
 startNextProbe(nsp, nsi, SG, svc, true);
 break;
+#ifdef EHOSTDOWN
+ case EHOSTDOWN: // ICMP_HOST_UNKNOWN
+#endif
+#ifdef ENONET
+ case ENONET: // ICMP_HOST_ISOLATED
+#endif
+ /* EHOSTDOWN and ENONET can be the result of forged ICMP responses.
+ * We should probably give up on this port.
+ */
+ case ENETUNREACH:
+ case EHOSTUNREACH:
+ case ENETDOWN:
+ // That is funny. The port scanner listed the port as open. Maybe it got unplugged, or firewalled us, or did
+ // something else nasty during the scan. Shrug. I'll give up on this port
+ show_err = o.debugging || o.versionTrace();
 default:
- fatal("Unexpected error in NSE_TYPE_READ callback. Error code: %d (%s)", err,
- socket_strerror(err));
+ if (show_err) {
+ error("Unexpected error %d (%s) in NSE_TYPE_READ callback - aborting this service",
+ err, socket_strerror(err));
+ }
+ svc->tcpwrap_possible = false;
+ end_svcprobe(PROBESTATE_INCOMPLETE, SG, svc, nsi);
+ break;
 }
 } else if (status == NSE_STATUS_KILL) {
 /* User probably specified host_timeout and so the service scan is
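Review bot: The `case ENETDOWN:` group ends at `show_err = o.debugging || o.versionTrace();` and drops into `default:` with no marker, so the fall-through reads like a forgotten `break` and may trip `-Wimplicit-fallthrough`; add `/* fall through: shared give-up-on-this-port path */` right after that assignment. With debugging or version tracing enabled, these anticipated errors are then printed with the `default:` wording "Unexpected error ...", which is misleading for codes the comment above says can result from forged ICMP responses. The message also carries only the errno and its string, so an operator cannot tell which service was abandoned; consider adding the target and port from `svc` if they are reachable here. The body of servicescan_read_handler starts and ends outside the hunk.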