changes. The first is that Port objects don't allocate memory for
service and RPC results unless that information is set. This reduces the
size of a bare Port from 92 to 40 bytes on my machine. The second change
is that PortList now has the notion of a "default port state," which is
the state of any ports that didn't receive a response. These ports don't
need an allocated Port object, which saves a lot of memory in scans
where most ports didn't get a response.
if (tcp_rpc_socket > max_sd)
max_sd = tcp_rpc_socket;
The condition is always true because max_sd is initialized to -1 and that block
of code is entered only if tcp_rpc_socket > -1. It looks like the kind of thing
that would be managing a large set of sockets for select, but here we're only
selecting on one socket at a time. This was suggested by Lionel Cons.
Nmap used two functions: one of them, hdump(), just printed raw hex bytes
(no ASCII equivalents) and the other one, lamont_hdump() had a bug when
printing buffers where bufflen%16==3. A new function has been implemented
from scratch, that basically produces the same output as Wireshark.
Output looks like this:
0000 e8 60 65 86 d7 86 6d 30 35 97 54 87 ff 67 05 9e .`e...m05.T..g..
0010 07 5a 98 c0 ea ad 50 d2 62 4f 7b ff e1 34 f8 fc .Z....P.bO{..4..
0020 c4 84 0a 6a 39 ad 3c 10 63 b2 22 c4 24 40 f4 b1 ...j9.<.c.".$@..
Changes:
- The new hexdump() function has been added to nbase.
- Old hdump() and lamont_dump() have been removed from nmap's code.
- A wrapper to the new hexdump(), called nmap_hexdump(), has been added
to nmap's utils.cc. The wrapper basically prints the buffer returned
by hexdump() using nmap's log_write() function.
