Because of the postincrement and <= operators, the parsing could write
as many as 10 struct in_addr into an array allocated for only 8.
Execution would stop because of a later check. Instead, we use
preincrement and < operator to do bounds checking, and check for the
"too many specified" condition with another call to strtok (which should
return NULL if there were no more hops to parse)
The docbook-to-nroff XSL pages turn indexterms into nroff comments, but
have a bug: If the closing indexterm element is not followed by
whitespace and cdata, then the following element or cdata is stuck on
the same line as the comment. Fixed this temporarily by introducing
whitespace between </indexterm> and following cdata or by moving the
indexterm elements after any other element (<command>, <term>, etc.)
that they reference.
Reported on debian bugtracker here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724580
We can't remove an fdinfo from client_fdlist and still expect to access
the fdinfo via a pointer we got from get_fdinfo(&client_fdlist) since
rm_fd() modifies the data at the address pointed to. So instead of
removing it from the list and then adding it right back, we just don't
remove it in the first place.
google.com can resolve to a different set of addresses each time you
resolve it, which makes the addrset tests fail. Use scanme.nmap.org
instead, since (at least for now) that has only one address assigned.
Previous content_length == 0 was overloaded to mean that Content-Length
was set. But that was wrong when the Content-Length was actually 0.
The error message you got when running an HTTP proxy that received
0-length POSTs was
POST request with no Content-Length.
CPPFLAGS is for the C Pre-Processor, and should be used for -I flags. In
a couple cases (nping, nmap) this was resulting in duplicate -Ilibpcap
arguments.
Although $((arithmetic expansion)) is POSIX-specified, some systems have
non-POSIX System V shell, which can't handle it. This patch replaces
$((something)) with $(expr something) to fix compatibility. This
actually slows things down considerably, since a subshell must be
launched for each increment operation, but the tests aren't that
critical. Bug report: http://seclists.org/nmap-dev/2013/q4/198
I had intended the unlink to appy only to unix domain sockets, but it
was being called for every kind of local address.
http://seclists.org/nmap-dev/2013/q3/647
To avoid new GCC warnings about tempnam:
ncat_connect.c:789: warning: the use of `tempnam' is dangerous, better use `mkstemp'
Doing things this way has the same race condition as tempnam did,
because we are unlinking the file before binding it. (The race window is
smaller now.) The file must not exist before binding the Unix socket, or
else you get an "address already in use" error. Unlinking before binding
is the same thing that netcat-openbsd does. See this earlier thread:
http://seclists.org/nmap-dev/2012/q4/336.
