see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
String ipaddr was allocated without allowing space for the null
terminator, resulting in a 1-byte overflow. Caught with clang
-fsanitize=address
Also, fmt was being initialized with sizeof(ipaddr), which happened to
be correct, but should not necessarily be so. We don't care about the
size of the structure, but rather the length of an address in string
notation.
Using TIMEVAL_MSEC_SUBTRACT can lead to integer overflow when the times
are far apart (such as epoch (0) or uninitialized timeval and "now").
Instead, calculate the "deadline" and use TIMEVAL_AFTER to test.
Because http-server-header grabs the server header and sets the service
version hardmatched, Nmap won't print a service fingerprint. This means
people might not submit as many fingerprints in the future, but we would
rather they did (speeds up scans by short-circuiting version probes).
Now http-server-header will print a messages suggesting the use of
--script-args http-server-header.skip for the purposes of submitting a
fingerprint. If this script-arg is set, the script will not run,
preserving Nmap's previous behavior.
This file is automatically copied into the bundle by py2app. It is
already present as a system library on OS X 10.6 and later. Shipping our
own caused a compatibility problem on OS X 10.9:
Could not import the zenmapGUI.App module: 'dlopen(/Applications/Zenmap.app/Contents/Resources/lib/python2.6/lib-dynload/glib/_glib.so, 2): Symbol not found: _xmlBufContent\n Referenced from: /usr/lib/libxslt.1.dylib\n Expected in: /Applications/Zenmap.app/Contents/Frameworks/libxml2.2.dylib\n in /usr/lib/libxslt.1.dylib'.
http://seclists.org/nmap-dev/2013/q4/85
NSE scripts should not send data to stdout with print(). One exception
was not altered: url-snarf states in its documentation that urls are
sent to stdout by default, with a script-arg option to save to a file
instead.
