Re: [nmap-svn] r19779 - nmap-exp/djalal/nmap-add-targets

[Djalal Harouni <tixxdz () gmail com>]

On 2010-08-16 01:01:33 -0700, Fyodor wrote:
> On Sun, Aug 15, 2010 at 07:01:24PM -0700, commit-mailer () insecure org wrote:
> > Log:
> > Fatal when post-scripts call target.add().
> [...]
> > +  if (new_targets == NULL)
> > +    fatal("Failed can't insert new targets, no ressources.");
>
> I just have a couple minor comments on this:
>
> 1) If it is easily accomplished, I think it is better to just print a
>    warning rather than quit Nmap if a script calls target.add() in an
>    inappropriate time (postrule action).  We generally try to make it
>    hard for scripts to crash Nmap itself, and try to limit damage to just
>    the running script itself.
>
> 2) You've got an extra s in 'ressources' and "Failed can't" should
>    probably be "Failed to".  Also, I think the error
>    message could be made more clear.  If this only happens in the case
>    where post-scripts call target.add() (as mentioned in the svn log), I
>    think that should be mentioned in the message.
Hi Fyodor,

I've done some changes and fixes as r19879.

Now when post-scanning scripts try to add new targets an error is
returned with the appropriate error message printed and also returned
to NSE scripts.

I've also done some other optimizations on how target *specifications*
are saved and filtered, I know that this is not the *best* solution and we
should use a more complex filtering system especially if users want to
scan large networks and enable new targets addition, and after some days
I'll try to do the filtering based on the IPv4/IPv6 addresses and perhaps
use some cidr notations.

Thx.

-- 
tixxdz
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/