Nmap Development mailing list archives
Re: nmap-5.20 on x86_64 Segmentation fault
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Tue, 26 Jan 2010 02:27:47 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 25 Jan 2010 07:37:32 -0600 Kris Katterjohn <katterjohn () gmail com> wrote: [...snip...]
Socket troubles: Address family not supported by protocol nmap: nsock_core.c:1163: nsp_add_event: Assertion `nse->iod->sd= 0' failed. AbortIndeed, Nsock doesn't do IPv6 yet.Odds are I'm misunderstanding the issue (since I didn't receive Gunnar's email quoted here) or I'm not following this correctly, but what do you mean nsock doesn't do IPv6? Perhaps the assertion failure above was triggered with code utilizing a special part of nsock which doesn't support IPv6 yet, but I just wanted clarification here :) I know IPv6 is supported in Ncat via nsock, and surely NSE and version detection support IPv6 with it too.BrandonThanks, Kris Katterjohn
Hey Kris, sorry it took me all day to find the time to dig into this. Thanks for the sanity check, turns out I'm insane! You're right, of course. I thought we were missing some of the IPv6 framework in Nsock we needed to do v6 reverse lookups. I thought the "Socket troubles: Address family not supported by protocol" only confirmed that. I've dug into the "issue" though and it turns out the support is there and working. It seems if you're testing on a machine that doesn't have IPv6 support though that's what you get. So, specifically for Gunnar's issue, we can't read IPv6 addresses longer than 16 characters in /etc/resolv.conf without smashing the stack. We need to fix this but rather than hardcode a buffer of 128, David had some better ideas. I'm happy to code them up but I can't remember the name of the IPv6 address max string length constant he pointed out to me... With regard to skipping IPv6 DNS servers, we *should not* as long as we have IPv6 support compiled in. I haven't actually tried this to see if it fails gracefully or not. With regard to getting "Socket troubles: Address family not supported by protocol" out of Nsock when your OS doesn't do IPv6, I think we can print a little note reminding the user that their OS needs to support IPv6, not just Nmap. Regarding failing an assert() when the socket isn't created. I'm not sure if there is a much better way to fail so I don't see this as a huge deal. We might think about having Nmap check at startup if it can create an AF_INET6 socket so that later we don't bomb out. That's more of a future architectural thing though. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEARECAAYFAkteUykACgkQqaGPzAsl94LNcQCdHeSAIy9q91AOR8o5R+whijqW NNIAnjawxWTag1fmfFfcGrp12CUYJ3m3 =pAaP -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap-5.20 on x86_64 Segmentation fault Gunnar Lindberg (Jan 23)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 24)
- Re: nmap-5.20 on x86_64 Segmentation fault Gunnar Lindberg (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Gunnar Lindberg (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 24)
- Re: nmap-5.20 on x86_64 Segmentation fault Kris Katterjohn (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Kris Katterjohn (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Gunnar Lindberg (Jan 26)
- Re: nmap-5.20 on x86_64 Segmentation fault Kris Katterjohn (Jan 26)
- Re: nmap-5.20 on x86_64 Segmentation fault David Fifield (Jan 27)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 24)
- Re: nmap-5.20 on x86_64 Segmentation fault Brandon Enright (Jan 25)
- Re: nmap-5.20 on x86_64 Segmentation fault Gunnar Lindberg (Jan 25)