From f17edebfc246cc47a9d901f651472cd937d11dcb Mon Sep 17 00:00:00 2001
From: dmiller
Date: Mon, 28 Jul 2014 22:23:07 +0000
Subject: [PATCH] Fix IPv4 source address for host discovery
Reported here: http://seclists.org/nmap-dev/2014/q3/137
Hostgroups should have a common outgoing interface and source address, determined by target_needs_new_hostgroup. Source address for raw IP probes (sendIPScanProbe) is taken from the list of decoys (o.decoys), which always at least contains a "self" element at index o.decoyturn. This element was not being set while filling a hostgroup for massping, so it was using whatever the value from the last hostgroup had. This only matters when mixing targets that require different source addresses, as demonstrated by scanning localhost and some other address.
---
 targets.cc | 1 +
 1 file changed, 1 insertion(+)
diff --git a/targets.cc b/targets.cc
index b6acc5a2f..65ab7ccb9 100644
--- a/targets.cc
+++ b/targets.cc
@@ -643,6 +643,7 @@ static void refresh_hostbatch(HostGroupState *hs, const addrset *exclude_group,
 break;
 }
+ o.decoys[o.decoyturn] = t->v4source();
 hs->hostbatch[hs->current_batch_sz++] = t;
 }
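Review bot: The added assignment `o.decoys[o.decoyturn] = t->v4source();` writes process-wide scan state from inside the batch-filling loop without a comment, so the coupling described in the commit message (raw IP probes take their source address from the "self" decoy slot) is invisible at the call site. I would put a comment above it, for example `/* Keep the "self" decoy slot in sync with this hostgroup's source; sendIPScanProbe reads it. */`. Because the line runs for every target appended, the last target silently wins if the common-source guarantee from target_needs_new_hostgroup ever fails, and a wrong slot means probes leave with a stale source address; that check is not visible here, so it is worth confirming, along with what v4source() yields for a target that has no IPv4 source. refresh_hostbatch begins and ends outside this hunk, so the loop structure is inferred from the two closing braces.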