Nmap Development mailing list archives
Assertion failure with zero-byte Nsock writes
From: David Fifield <david () bamsoftware com>
Date: Thu, 21 Jan 2010 18:38:00 -0700
You can crash Nmap with the following NSE script:

    description = ""
    categories = {}
    require("nmap")
    portrule = function() return true end
    action = function(host, port)
        local sock = nmap.new_socket()
        sock:connect(host.ip, port.number)
        sock:send("")
    end

The error is the same one pyllyukko reported in
http://seclists.org/nmap-dev/2010/q1/193,

    nmap: nsock_core.c:516: handle_write_result: Assertion `bytesleft > 0' failed.

The same thing can be done from C code that does a zero-byte nsock_write.

Do we want to change this? Some alternatives are to treat this as a normal, handleable Nsock error, to treat the call as a no-op (in the TCP case) and return success immediately, or to just do a zero-byte send with whatever behavior that may invoke.

I don't think that the assertion was meant to prohibit zero-byte write, though it has that effect. It looks like it was meant to catch errors in Nsock's internal buffering code, where the internal send routine shouldn't be called again once the buffer is exhausted.

David Fifield
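Added example, not part of the original message and not Nsock's code: a simplified blocking model of the "treat the call as a no-op and return success" alternative, which keeps the `bytesleft > 0` assertion as an internal invariant while rejecting the empty request at the public entry point. The names `write_req`, `write_step`, `model_write` and `demo` are hypothetical, and the sample data is constructed.

```c
#include <assert.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical model of a buffered write request; not Nsock's own struct. */
struct write_req { const char *buf; size_t len; size_t written; };
enum write_status { WRITE_SUCCESS, WRITE_PENDING, WRITE_ERROR };

/* Internal step: send whatever is left. The assertion is an invariant on the
 * buffering code: it must never be re-entered once the buffer is exhausted. */
static enum write_status write_step(int fd, struct write_req *req) {
    size_t bytesleft = req->len - req->written;
    assert(bytesleft > 0);
    ssize_t n = send(fd, req->buf + req->written, bytesleft, 0);
    if (n < 0)
        return WRITE_ERROR;
    req->written += (size_t)n;
    return req->written == req->len ? WRITE_SUCCESS : WRITE_PENDING;
}

/* Public entry point. A zero-byte request is caller input, not an internal
 * bug, so it completes as a no-op success before the invariant can fire. */
enum write_status model_write(int fd, const char *buf, size_t len) {
    struct write_req req = { buf, len, 0 };
    enum write_status st;
    if (len == 0)
        return WRITE_SUCCESS;
    while ((st = write_step(fd, &req)) == WRITE_PENDING)
        ;  /* partial send: loop until the buffer is drained */
    return st;
}

/* Constructed check over a local socketpair: returns 1 when the empty write
 * and the 5-byte write both succeed and exactly those 5 bytes arrive. */
int demo(void) {
    int sv[2];
    char in[16];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    int ok = model_write(sv[0], "", 0) == WRITE_SUCCESS
          && model_write(sv[0], "hello", 5) == WRITE_SUCCESS;
    ssize_t got = recv(sv[1], in, sizeof in, 0);
    close(sv[0]);
    close(sv[1]);
    return ok && got == 5 && memcmp(in, "hello", 5) == 0;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```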