Nmap Development mailing list archives
Nping Segfaults with certain inputs to "--data"
From: Greg Skoczek <gsk067 () gmail com>
Date: Wed, 26 May 2010 14:21:40 -0500
Hi,

I've worked on a bug pointed out to me by Luis. This bug causes nping to segfault when using any of the following as input for the --data option: "", "\x", "0x". This bug is easy to reproduce; the output is as follows:

14:15:54 /root: nping $SOME_HOST --data ""
zsh: segmentation fault nping $SOME_HOST --data ""
14:16:01 /root: nping $SOME_HOST --data "\x"
zsh: segmentation fault nping $SOME_HOST --data "\x"
14:16:13 /root: nping $SOME_HOST --data "0x"
zsh: segmentation fault nping $SOME_HOST --data "0x"

I found the source of the bug to be in utils.cc in the function parseBufferSpec(). I've attached a simple patch that moves a little bit of code around and checks string lengths that should clear up this bug.

Greg
Attachment:
utils.cc.patch
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
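An added example, not part of the original post and not the code from utils.cc.patch or Nping's parseBufferSpec(): a hex payload parser that checks string lengths before reading past a prefix, so that the three inputs reported above are rejected instead of crashing. The function names and the accepted formats (plain hex digits, a leading "0x", or a "\x" before every byte) are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helpers for illustration; not Nping's parseBufferSpec(). */
static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Decodes spec into out[]. Returns the byte count, or -1 on invalid input. */
int parse_hex_spec(const char *spec, unsigned char *out, size_t outlen) {
    size_t len, i = 0, n = 0;
    int per_byte = 0;               /* 1 when every byte carries its own "\x" */

    if (spec == NULL || out == NULL) return -1;
    len = strlen(spec);
    if (len == 0) return -1;        /* "" : nothing to parse */

    /* Only look at spec[1] once the string is known to have two characters. */
    if (len >= 2 && spec[0] == '0' && (spec[1] == 'x' || spec[1] == 'X'))
        i = 2;
    else if (len >= 2 && spec[0] == '\\' && spec[1] == 'x')
        per_byte = 1;

    if (i == len) return -1;        /* "0x" : prefix with no digits after it */

    while (i < len) {
        int hi, lo;
        if (per_byte) {
            if (len - i < 2 || spec[i] != '\\' || spec[i + 1] != 'x') return -1;
            i += 2;
        }
        if (len - i < 2) return -1; /* "\x" alone, or an odd trailing digit */
        hi = hexval((unsigned char)spec[i]);
        lo = hexval((unsigned char)spec[i + 1]);
        if (hi < 0 || lo < 0) return -1;
        if (n >= outlen) return -1; /* never write past the caller's buffer */
        out[n++] = (unsigned char)((hi << 4) | lo);
        i += 2;
    }
    return (int)n;
}
```

Every index into spec is preceded by a comparison against len, which is the kind of length check the post describes adding.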