PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-03 05:09:14 +00:00
Code Issues Projects Releases Wiki Activity

[NSE] Scripts are able to access hosts from a previous host group which were scanned

Browse Source 
and freed. This is unintended and may cause a segfault. We fix this by replacing
the current_hosts table with a new empty table when scanning a new host group.
See [1] for more information.

[1] http://seclists.org/nmap-dev/2009/q3/0782.html
This commit is contained in:
batrick
2009-08-28 21:01:29 +00:00
parent 5fdea68d09
commit e807b92459
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nse_main.cc
View File

@@ -433,6 +433,12 @@ static int run_main (lua_State *L)
lua_touserdata(L, 1);
lua_settop(L, 0);
/* New host group */
luaL_unref(L, LUA_REGISTRYINDEX, current_hosts);
lua_newtable(L);
current_hosts = luaL_ref(L, LUA_REGISTRYINDEX);
lua_getfield(L, LUA_REGISTRYINDEX, NSE_TRACEBACK); /* index 1 */
lua_getfield(L, LUA_REGISTRYINDEX, NSE_MAIN); /* index 2 */