diff --git a/CHANGELOG b/CHANGELOG
index 4ef827e4a..0979279bf 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
+o [GH#863] Avoid reporting negative latencies due to matching an ARP or ND
+ response to a probe sent after it was recieved. [Daniel Miller]
+
 o [ncat][GH#1441] To avoid confusion and to support default proxy ports, option --proxy now requires a literal IPv6 address to be specified using square-bracket notation, such as --proxy [2001:db8::123]:456. [nnposter]
diff --git a/scan_engine_raw.cc b/scan_engine_raw.cc
index 3210d42af..8f1e90dca 100644
--- a/scan_engine_raw.cc
+++ b/scan_engine_raw.cc
@@ -1594,7 +1594,11 @@ bool get_arp_result(UltraScanInfo *USI, struct timeval *stime) {
 continue;
 }
 probeI = hss->probes_outstanding.end();
- probeI--;
+ do {
+ /* Delay in libpcap could mean we sent another probe *after* this
+ * response was received. Search back for the last probe before rcvdtime. */
+ probeI--;
+ } while (TIMEVAL_AFTER((*probeI)->sent, rcvdtime) && probeI != hss->probes_outstanding.begin());
 ultrascan_host_probe_update(USI, hss, probeI, HOST_UP, &rcvdtime);
 /* Now that we know the host is up, we can forget our other probes. */
 hss->destroyAllOutstandingProbes();
@@ -1666,7 +1670,11 @@ bool get_ns_result(UltraScanInfo *USI, struct timeval *stime) {
 /* TODO: I suppose I should really mark the @@# host as up */
 }
 probeI = hss->probes_outstanding.end();
- probeI--;
+ do {
+ /* Delay in libpcap could mean we sent another probe *after* this
+ * response was received. Search back for the last probe before rcvdtime. */
+ probeI--;
+ } while (TIMEVAL_AFTER((*probeI)->sent, rcvdtime) && probeI != hss->probes_outstanding.begin());
 ultrascan_host_probe_update(USI, hss, probeI, HOST_UP, &rcvdtime);
 /* Now that we know the host is up, we can forget our other probes. */
 hss->destroyAllOutstandingProbes();
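Review bot: In get_arp_result the new do/while stops at `hss->probes_outstanding.begin()` without re-checking it, so when every outstanding probe has `sent` later than `rcvdtime` (for instance an unsolicited reply captured before the first probe went out) the first probe is still handed to `ultrascan_host_probe_update` and the latency can presumably still come out negative. A guard after the loop would close that case, e.g. `if (TIMEVAL_AFTER((*probeI)->sent, rcvdtime)) rcvdtime = (*probeI)->sent; /* no probe predates the reply */`; whether clamping or skipping the timing update is the right response depends on ultrascan_host_probe_update, which is not visible here. The identical loop is added to get_ns_result in the next hunk, so the same applies there and the backwards search could live in one shared helper. Both function bodies extend beyond the hunks.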