MSVC preprocessor triggers #error in <stdio.h> if redefined
From MS doc:
Beginning with the UCRT in Visual Studio 2015 and Windows 10, snprintf is
no longer identical to _snprintf. The snprintf function behavior is now C99
standard compliant.
Closes#2255
Our implementation of vsnprintf for systems where it is missing did not
correctly return a negative value on error, instead returning the size
passed in. We got this code from tcpdump/libpcap, and it was wrong
there, too, though their latest master branch has removed it in favor of
requiring a C99 compiler (C99 guarantees vsnprintf).
This should remove a LGTM code analysis finding (See #1834) of
cpp/constant-comparison in Ncat because we were checking for a negative
return from Snprintf, which would never occur.
Current exclusions list from --excludefile takes linear time to match
against. Using a trie structure, we can do matching in O(log n) time,
with a hard maximum of 32 comparisons for IPv4 and 128 comparisons for
IPv6. Each node of the trie represents an address prefix that all
subsequent nodes share; matching stops when one is matched exactly or
when the candidate address does not match any prefix of the addresses in
the trie.
For now, only numeric addresses without netmask are supported. We plan
to extend this to addresses with netmasks, including resolved names.
Storing IPv4 ranges and wildcards in this structure would be
prohibitively complex, so the existing linear match method will be used
for those. It is unlikely that any users are using large exclusion lists
of these types of specifications, so performance impact is small.
Potential future features could use the trie structure to implement
custom routing or scope-limiting.
This was a todo list item based on this report:
https://seclists.org/nmap-dev/2012/q4/420
