Only FD_SET and FD_CLR were available. Added a FD_ISSET equivalent.
Implemented them as static inline instead of macros for consistency.
These functions abort() if the FD number is higher than FD_SETSIZE
(except on Windows where no check is performed).
From this thread: http://seclists.org/nmap-dev/2014/q1/105
* Extensions now better supported in tls.lua
* ssl-enum-ciphers sends all EC options to ensure servers reply with
supported EC suites
* tls.lua supports multiple messages of a single type within 1 record
* tls.record_buffer will read an entire TLS record into a buffer
* ssl-date and tls-nextprotoneg updated to use tls.record_buffer
This wasn't using Nmap's included libpcap if no options were specified,
instead compiling nsock without pcap support if no libpcap could be
found (which breaks Nmap)
string.gsub returns 2 values, the new string and the number of
replacements made. It also has a 4th argument, the number of
replacements to make. So when you use the return value of gsub as the
3rd argument, and no replacements were made, it instructs the next call
to not make any replacements. Thanks to Ron Bowes for reporting this
issue.
A user reported this crash when scanning a target whose name contained
the '%' character:
    NSE: Script Engine Scan Aborted.
    An error was thrown by the engine: nse_main.lua:322: invalid capture index
    stack traceback:
        [C]: in function 'gsub'
        nse_main.lua:322: in function 'd'
        nse_main.lua:377: in function 'start'
        nse_main.lua:912: in function 'run'
        nse_main.lua:1390: in function <nse_main.lua:1293>
        [C]: in ?
I'm not sure how a name with '%' got resolved, but I was able to
reproduce the crash by adding this line to /etc/hosts:
    127.0.0.1 a%40b
and then running
    ./nmap --script=banner a%40b -d --top-ports 5
The gsub function recognizes "%d", where d is a digit, as a capture
index. The constructed string is then passed to print_debug, which is
like printf. Therefore we escape every occurrence of "%" twice, to get
"%%%%".
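The double escaping described above, as an added Lua example that is not Nmap's own code. describe_unsafe, describe_safe and debug_format are hypothetical names, debug_format assumes the debug printer hands its format to string.format, and the target name is constructed.

```lua
-- Added example; all function names here are hypothetical.
-- Constructed input: a target name containing '%', as in the report above.
local target = "a%40b"

-- Stand-in for a printf-like debug printer (assumption: it calls string.format).
local function debug_format(fmt, ...)
  return string.format(fmt, ...)
end

-- Before: the name is used directly as a gsub replacement string, so "%4"
-- is parsed as a reference to capture 4, which the pattern does not define.
local function describe_unsafe(fmt, name, ...)
  local expanded = fmt:gsub("%%TARGET", name)
  return debug_format(expanded, ...)
end

-- After: each "%" in the name becomes "%%%%". gsub's replacement parsing
-- halves that to "%%", and the format call halves it again to "%".
local function describe_safe(fmt, name, ...)
  local escaped = name:gsub("%%", "%%%%%%%%")
  local expanded = fmt:gsub("%%TARGET", escaped)
  return debug_format(expanded, ...)
end

local fmt = "%s started against %TARGET"

-- The unescaped name aborts inside gsub with the error from the report.
local ok, err = pcall(describe_unsafe, fmt, target, "banner")
assert(not ok and tostring(err):find("invalid capture index", 1, true))

-- The doubly escaped name survives both layers unchanged.
assert(describe_safe(fmt, target, "banner") == "banner started against a%40b")

-- Escaping only once is not enough: the name reaches the format call as
-- "a%40b", and "%40b" is then read as a conversion specification.
local once = target:gsub("%%", "%%%%")
local half = fmt:gsub("%%TARGET", once)
assert(half == "%s started against a%40b")
assert(not pcall(debug_format, half, "banner"))
```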
Changed indentation to 2 spaces, converted \r\n line endings to \n,
changed line-internal tabs to single space, removed whitespace at line
endings, reindented entire file with vim.
https://secwiki.org/w/Nmap/Code_Standards
Subclassed SyntaxError to provide some useful info when this happens. It
was happening with unittest.nse because it wasn't part of any category.
Previously, this would crash Zenmap because ScriptDBSyntaxError was
undefined. Now it crashes because there's really a syntax error (fixed
in previous revision)
These implementations were all functionally identical. The replacement
has an extra feature of returning the index where the value was found,
currently unused.
This function will format a MAC address as colon-separated hex bytes.
It's really very simple: stdnse.tohex(mac, {separator=":"})
This commit updates all the instances I could find of the varying
convoluted attempts at performing this conversion.
This saves a function call by using subclassing dict instead of using a
real dict. When a cache hit occurs, there is no overhead beyond a
standard dict lookup, which in most implementations is very fast. Cache
miss is similar performance to previous.
Also added a unittest for this functionality.
In general, it's better to use explicit flow control than to throw
and/or catch generic exceptions. Example:
    try:
        thing = d["key"]
    except:
        pass
This 1. catches an inspecific exception (probably KeyError), 2. can be
replaced with a check for ("key" is in d), and 3. can often be replaced
with d.get("key", some_default_value).
Issues fixed:
1 E111 indentation is not a multiple of four
1 E201 whitespace after '['
14 E251 no spaces around keyword / parameter equals
7 E301 expected 1 blank line, found 0
55 E302 expected 2 blank lines, found 1
69 E501 line too long (80 characters)
3 W291 trailing whitespace
4 W601 .has_key() is deprecated, use 'in'