std::list::size() was hanging because list traversal was broken for this
particular static list (timedout_hops). Could not reproduce with a small
test program, but another AIX user confirmed. Exhausted other options
before switching it to dynamic allocation (of the list itself, not the
elements, which are always dynamically allocated), which somehow
bypasses the problem.
This chunk of code in read_replies was generating valgrind errors
because reply.ttl was uninitialized:
if (host->state == HostState::COUNTING_DOWN) {
/* If this probe was past the target, skip ahead to what we think the
actual distance is. */
int distance = get_initial_ttl_guess(reply.ttl) - reply.ttl + 1;
if (distance > 0 && distance < host->current_ttl)
host->current_ttl = MIN(distance, MAX_TTL);
}
My compiler was setting the initial value to 0, which meant that
distance was always 33, clearly wrong. Setting reply.ttl in decode_reply
silences the error and causes distance to be more accurate.
proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
There was one case where we previously didn't fatal, in nse_dnet.cc.
Move the fatal calls out of nmap_raw_socket and into the calling scope,
with the exception of the one in nse_dnet.cc.
The problem was reported by Rob Nicholls.
http://seclists.org/nmap-dev/2012/q4/186
This caused an error message when compiled with Clang 3.1:
traceroute.cc:173:41: note: in instantiation of exception specification for 'map' requested here
static std::map<struct HopIdent, Hop *> hop_cache;
^
traceroute.cc:173:24: note: forward declaration of 'HopIdent'
static std::map<struct HopIdent, Hop *> hop_cache;
^
Found by arrowdodger. http://seclists.org/nmap-dev/2012/q4/58.
The other protocols that are implemented for IPv4 are not implemented
for IPv6, leading to an assertion failure.
nmap: traceroute.cc:749: virtual unsigned char* UDPProbe::build_packet(const sockaddr_storage*, u32*) const: Assertion `source->ss_family == 2' failed.
This was noticed by Pierre Emeriaud.
http://seclists.org/nmap-dev/2012/q4/36
I believe the purpose of these asserts was to quiet a compiler warning
in r24309, but the rest of that revision (marking fatal as a
non-returning function) should do the job.
The comment in struct_ip.h explains the reasoning for this. The AIX C library
uses #defines that change the names of members of struct ip, and conflict with
some existing code. (Notably struct ip_hdr in libdnet and IPv4Header::h in
libnetutil.) We can still use the AIX files if we include <netinet/ip.h> after
this other code has been preprocessed. That's hard to enforce when
<netinet/ip.h> is included from another header file; this new file allows
including it always late, and only where needed.
Heretofore we have always extracted teh destination address directly
from the packet contents. But the raw packet bytes do not contain enough
information in one case: IPv6 link-local addresses. For those we really
need the scope ID, and for that we must pass this information all the
way down.
Before this, I got "no route to host" on OS link-local addresses. I
think that it was working on Linux only on accident, by the OS picking a
default interface or something.
We should have the multiprotocol version be the main version, with
IPv4-only code being a noted exception. Also these functions are almost
the same so one can call the other.
