This eliminates the ambiguity that could exist when, say, both o.udp and
o.sctp were both set. The code would use whichever it happened to test
first. This also makes TCP mode explicit with IPPROTO_TCP.
Resolves these Parfait reports
(http://seclists.org/nmap-dev/2012/q4/412).
Error: Null pointer dereference (CWE 476)
Read from null pointer 'fdn'
at line 328 of components/nmap/build/amd64/ncat/ncat_core.c in function 'blocking_fdinfo_send'.
Function 'get_fdinfo' may return constant 'NULL' at line 615, called at line 366 in function 'ncat_broadcast'.
Constant 'NULL' passed into function 'blocking_fdinfo_send', argument 'fdn', from call at line 367.
Null pointer introduced at line 615 of components/nmap/build/amd64/ncat/util.c in function 'get_fdinfo'.
at line 330 of components/nmap/build/amd64/ncat/ncat_core.c in function 'blocking_fdinfo_send'.
Function 'get_fdinfo' may return constant 'NULL' at line 615, called at line 366 in function 'ncat_broadcast'.
Constant 'NULL' passed into function 'blocking_fdinfo_send', argument 'fdn', from call at line 367.
Null pointer introduced at line 615 of components/nmap/build/amd64/ncat/util.c in function 'get_fdinfo'.
Error: Null pointer dereference (CWE 476)
Read from null pointer 'fdn'
at line 946 of components/nmap/build/amd64/ncat/ncat_listen.c in function 'shutdown_sockets'.
Function 'get_fdinfo' may return constant 'NULL' at line 615, called at line 945.
Null pointer introduced at line 615 of components/nmap/build/amd64/ncat/util.c in function 'get_fdinfo'.
compatibility between systems and use cases. [Henri Doreau]
There were known issues with the following cases:
* epoll and regular files
* kqueue and regular files
* WSAPoll and stdin
The --nsock-engine=<ENGINE> can still be used to bypass this
default choice.
See: http://seclists.org/nmap-dev/2012/q4/173
Besides the confusingness of the nodns argument being negatively
phrased, it had the value 0 in every existing call. Split out the nodns
special case into a separate function resolve_numeric.
This also has the side effect of changing the number of parameters to
the resolve function, which will cause a compile error for any calls I
might have missed changing when I changed the return code meaning in the
previous commit.
Ncat has its own copy of resolve, which obeys the global o.nodns rather
than a parameter. I'm leaving that alone for now. But give it the same
resolve_internal function, and make resolve call it with different flags
depending on the value of o.nodns.
The only error we can have apart from a getaddrinfo error is a list of
zero addresses; return EAI_NONAME in that case.
This unfortunately inverts the truth value of the return code of
resolve; 0 now means success.
It is possible to send so quickly that we start getting EAGAIN on sends.
In listen mode, this means that some sends can get lost. This patch,
adapted from one by Alex Weber, makes sockets blocking for the duration
of the send. This is not as nice as retrying the send through an event
mechanism, but should at least be correct.
http://seclists.org/nmap-dev/2012/q3/670
Compare a similar patch in r13552, which applied to --exec mode.
If you have trouble updating after this revision you need to follow
these instructions. You have probably just seen an error like this:
svn: URL 'svn://svn.insecure.org/nping' of existing directory 'nping'
does not match expected URL 'svn://svn.insecure.org/nmap/nping'
This is caused by the replacement of SVN externals.
Here's what you need to do. First, save any local changes you might have
in the nping, nsock, nbase, ncat, and zenmap directories. (For example
by running "cd nping; svn diff > ../nping.diff".) If you don't have any
local changes you can skip this step.
Then run these commands:
rm -rf nping/ nsock/ nbase/ ncat/ zenmap/
svn update
svn cleanup
If all else fails, you can just delete your whole working directory and
check out anew:
svn co --username guest --password "" svn://svn.insecure.org/nmap
There may be further discussion in the mailing list thread at
http://seclists.org/nmap-dev/2011/q4/303.
