http://seclists.org/nmap-dev/2014/q2/318
Essentially, we import the xml name, then override its search path,
stripping out the _xmlplus paths that PyXML uses. This leaves only the
Python 2 standard library path, which is what Zenmap was written for.
Subclassed SyntaxError to provide some useful info when this happens. It
was happening with unittest.nse because it wasn't part of any category.
Previously, this would crash Zenmap because ScriptDBSyntaxError was
undefined. Now it crashes because there's really a syntax error (fixed
in previous revision)
This saves a function call by using subclassing dict instead of using a
real dict. When a cache hit occurs, there is no overhead beyond a
standard dict lookup, which in most implementations is very fast. Cache
miss is similar performance to previous.
Also added a unittest for this functionality.
Using the pep8 tool (https://pypi.python.org/pypi/pep8), fixed the
following style issues:
Count Issue
11 E201 whitespace after '['
8 E203 whitespace before ','
41 E211 whitespace before '('
11 E221 multiple spaces before operator
61 E225 missing whitespace around operator
237 E231 missing whitespace after ':'
91 E251 no spaces around keyword / parameter equals
19 E261 at least two spaces before inline comment
41 E301 expected 1 blank line, found 0
200 E302 expected 2 blank lines, found 1
356 E303 too many blank lines (2)
563 E501 line too long (106 characters)
39 E701 multiple statements on one line (colon)
13 E702 multiple statements on one line (semicolon)
4 W291 trailing whitespace
2 W293 blank line contains whitespace
8 W391 blank line at end of file
21 W601 .has_key() is deprecated, use 'in'
2 W602 deprecated form of raising exception
The remaining issues are long lines due to very deep data structures. I
chose not to alter them, as it would involve backslash-continuation
where whitespace is not permitted:
./zenmapGUI/ScanInterface.py:323:80: E501 line too long (90 characters)
./zenmapGUI/ScanInterface.py:456:80: E501 line too long (84 characters)
./zenmapGUI/ScanInterface.py:464:80: E501 line too long (84 characters)
./zenmapGUI/ScanInterface.py:472:80: E501 line too long (122 characters)
./zenmapGUI/ScanInterface.py:479:80: E501 line too long (122 characters)
./zenmapGUI/ScanInterface.py:920:80: E501 line too long (94 characters)
./zenmapGUI/ScanInterface.py:923:80: E501 line too long (93 characters)
./zenmapGUI/MainWindow.py:575:80: E501 line too long (99 characters)
./zenmapGUI/MainWindow.py:906:80: E501 line too long (99 characters)
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
Having this entry made it appear as if there was a search criterion
named for the empty string; i.e., a string like ":foobar" would be
parsed as an operator "" with an argument "foobar". There was no match
function defined for the empty string, which led to this crash:
Version: 6.25
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/zenmapGUI/ScanInterface.py", line 247, in filter_hosts
self.inventory.apply_filter(filter_string)
File "/usr/lib/python2.7/dist-packages/zenmapCore/NetworkInventory.py", line 502, in apply_filter
if not self._match_all_args(host, operator, args):
File "/usr/lib/python2.7/dist-packages/zenmapCore/NetworkInventory.py", line 452, in _match_all_args
if positive != self.__getattribute__("match_%s" % operator)(host, arg):
AttributeError: 'FilteredNetworkInventory' object has no attribute 'match_'
I did some quick tests and plain keyword searching (with no colon) seems
to still work. I'm not sure why the "" entry was ever present.
Reported by Kris Paernell.
http://seclists.org/nmap-dev/2013/q3/38
Zenmap was only showing the first line of @arg nsedoc entries, since it
was capturing the contents with a regular expression, which ends at the
first newline. Fixed by simply returning the entire contents with the
first word (the name of the arg) stripped off.
