Make current loglevel and current log callback global
to the library. Attaching them to the nsock pool doesn't
bring any benefit and prevents logging activity in
code sections that don't have access to a pool (such as
proxy chain specification parsing).
Updated external calls and nsock tests accordingly.
proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
String ipaddr was allocated without allowing space for the null
terminator, resulting in a 1-byte overflow. Caught with clang
-fsanitize=address
Also, fmt was being initialized with sizeof(ipaddr), which happened to
be correct, but should not necessarily be so. We don't care about the
size of the structure, but rather the length of an address in string
notation.
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Kenneth Frazier reported that sometimes Nmap would use name servers from
inactive interfaces. Let's try checking the interface GUIDs against
those known by libpcap.
http://seclists.org/nmap-dev/2013/q1/292
I don't find anywhere in the history where this value has ever varied.
This is an old post from Doug where he mentions possibly different
values, but they appear to have been unused.
http://seclists.org/nmap-dev/2006/q1/147
Reworked the logging infrastructure to make it more flexible
and consistent.
Updated nmap, nping and ncat accordingly. Nsock log level can
now be adjusted at runtime by pressing d/D in nmap.
The exceptions are the calls in ncat/ncat_connect.c and
nping/EchoServer.cc. Ncat doesn't have an option for the interface, and
I think Nping's -e option is only meant to apply to probes, not to the
echo server listener.
Besides the confusingness of the nodns argument being negatively
phrased, it had the value 0 in every existing call. Split out the nodns
special case into a separate function resolve_numeric.
This also has the side effect of changing the number of parameters to
the resolve function, which will cause a compile error for any calls I
might have missed changing when I changed the return code meaning in the
previous commit.
Ncat has its own copy of resolve, which obeys the global o.nodns rather
than a parameter. I'm leaving that alone for now. But give it the same
resolve_internal function, and make resolve call it with different flags
depending on the value of o.nodns.
The only error we can have apart from a getaddrinfo error is a list of
zero addresses; return EAI_NONAME in that case.
This unfortunately inverts the truth value of the return code of
resolve; 0 now means success.
When a DNS name was only "."; i.e., the first byte in its encoded
representation was 0, encoded_name_to_normal wouldn't null-terminate the
string. This caused multiple warnings
Illegal character(s) in hostname -- replacing with '*'
as later code read from uninitialized memory. Now we null-terminate
whenever the function returns success, and treat "." as a special case
for which we retain the trailing dot.
This bug was found by Gisle Vanem, who wrote a patch to fix it. I added
some more error checking to the patch.
ncat_proxy.c: In function `ncat_http_server':
ncat_proxy.c:163: warning: dereferencing type-punned pointer will break strict-aliasing rules
nmap_dns.cc: In function `void parse_resolvdotconf()':
nmap_dns.cc:951: warning: unsigned int format, different type arg (arg 4)
traceroute.cc: In member function `void TracerouteState::read_replies(long int)':
traceroute.cc:1031: warning: 'header_len' might be used uninitialized in this function
accommodate IPv6 addresses) and make the sscanf format size match the
buffer size (to avoid smashing the stack). The format string is
constructed dynamically to the size of the buffer with Snprintf. Gunnar
Lindberg reported this problem; discussion starts at
http://seclists.org/nmap-dev/2010/q1/250.
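Added example, not code from the Nmap source tree: a sketch of the pattern the ipaddr overflow message and the sscanf format-size message above both describe, where the %s field width is derived from the destination buffer length minus one so the terminating NUL always fits. The names parse_nameserver and ADDR_STRLEN are hypothetical, and standard snprintf stands in for Snprintf.

```c
#include <stdio.h>
#include <string.h>

/* Longest IPv6 address in text form, NUL included (the value POSIX
   gives INET6_ADDRSTRLEN). Assumed here so the example builds anywhere. */
#define ADDR_STRLEN 46

/* Hypothetical helper: copy the address from a resolv.conf-style
   "nameserver <addr>" line into out[outlen]. Returns 1 on success. */
int parse_nameserver(const char *line, char *out, size_t outlen)
{
    char fmt[32];
    int n;

    if (outlen < 2)
        return 0;
    /* "%Ns" stores up to N characters and then a NUL, so N must be
       outlen - 1. Using N == outlen is the 1-byte overflow. */
    n = snprintf(fmt, sizeof(fmt), "nameserver %%%lus",
                 (unsigned long)(outlen - 1));
    if (n < 0 || (size_t)n >= sizeof(fmt))
        return 0;
    /* Over-long tokens are truncated to outlen - 1 characters. */
    return sscanf(line, fmt, out) == 1;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real resolv.conf. */
    const char *lines[] = {
        "nameserver 2001:db8::53",
        "nameserver 10.0.0.1",
        "search example.com"
    };
    char ipaddr[ADDR_STRLEN];
    size_t i;

    for (i = 0; i < sizeof(lines) / sizeof(lines[0]); i++)
        if (parse_nameserver(lines[i], ipaddr, sizeof(ipaddr)))
            printf("%s\n", ipaddr);
    return 0;
}
```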
servers. Pass that to nsock_connect_udp instead of using
sizeof(sockaddr_storage). Mac OS X returns EINVAL if the length is not what's
expected for the address family.