Nmap Development mailing list archives
Re: Interacting with scan can break XML DTD validation
From: David Fifield <david () bamsoftware com>
Date: Fri, 2 Sep 2011 14:39:54 -0700
On Fri, Sep 02, 2011 at 04:19:06PM -0500, Daniel Miller wrote:
> Hey list, I found an issue that may not be worth pursuing, but here it is: When increasing verbosity in the middle of a scan, XML elements may be output without preceding ones (e.g. taskend without corresponding taskbegin), which causes the output to fail DTD validation.
>
> Steps to reproduce:
>
> 1. Start a scan with parallel DNS resolution and XML output:
>    $ nmap -sL -oX out.xml 192.168.1.0/24
> 2. Between 1-2 seconds after initiating, press "v" to increase verbosity.
> 3. Try to validate the output against DTD.
>
> Example output from python lxml validator:
>
> out.xml:4:0:ERROR:VALID:DTD_CONTENT_MODEL: Element nmaprun content does not follow the DTD, expecting (scaninfo* , verbose , debugging , ((taskbegin , taskprogress* , taskend) | prescript | postscript | host | output)* , runstats), got (verbose debugging taskend
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> host host host host host host host host host host host host host host host host
> runstats )

Good find. I think this is a problem with the DTD, specifically the (taskbegin, taskprogress*, taskend) part. It's hard to enforce ordering and number of elements like this. Can you try just folding those into the rest of the unordered elements, and if that works, send the patch?

> As a side note, I also found and patched a problem with the DTD regarding service fingerprint confidence levels. Previously, these were enumerated as 0, 3, 5, and 10, but I found tcpwrapped services were given a value of 8. The comments in portlist.h say it could be any integer between 0 and 10, so that's what I changed the DTD to reflect.

Thanks, committed it.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
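
The content-model failure discussed in this message, as an added example that is not part of the thread or of Nmap's code: it translates the model quoted in the validator error into a regex over the child-element order of nmaprun and compares it with a folded model. The RELAXED model, the sample documents and the function names are constructed assumptions, and this checks only child order, not a full DTD validation.

```python
import re
import xml.etree.ElementTree as ET

# Content model for <nmaprun> exactly as quoted in the validator error above.
STRICT = ("(scaninfo* , verbose , debugging , ((taskbegin , taskprogress* , taskend)"
          " | prescript | postscript | host | output)* , runstats)")
# Assumption: one way to fold the task elements into the unordered group.
RELAXED = ("(scaninfo* , verbose , debugging , (taskbegin | taskprogress | taskend"
           " | prescript | postscript | host | output)* , runstats)")

# Constructed samples: a normal run, and a run where verbosity was raised
# mid-task so that only <taskend> was written.
NORMAL = ('<nmaprun><verbose level="0"/><debugging level="0"/>'
          '<taskbegin task="constructed"/><taskend task="constructed"/>'
          '<host/><host/><runstats/></nmaprun>')
INTERRUPTED = ('<nmaprun><verbose level="1"/><debugging level="0"/>'
               '<taskend task="constructed"/>'
               '<host/><host/><runstats/></nmaprun>')

def model_to_regex(model):
    """Translate a DTD children content model into a regex over 'name ' tokens."""
    out = []
    for tok in re.findall(r"[A-Za-z_][\w.-]*|[(),|*+?]", model):
        if tok == ",":
            continue                      # a sequence is plain concatenation
        elif tok == "(":
            out.append("(?:")
        elif tok in ")|*+?":
            out.append(tok)               # same meaning in DTD and regex
        else:
            out.append("(?:%s )" % re.escape(tok))
    return re.compile("".join(out))

def children_match(xml_text, model):
    """True if the root's child order satisfies the content model."""
    seq = "".join(child.tag + " " for child in ET.fromstring(xml_text))
    return model_to_regex(model).fullmatch(seq) is not None

def unpaired_taskends(xml_text):
    """Count <taskend> elements that have no open <taskbegin> before them."""
    open_tasks = unpaired = 0
    for child in ET.fromstring(xml_text):
        if child.tag == "taskbegin":
            open_tasks += 1
        elif child.tag == "taskend":
            if open_tasks:
                open_tasks -= 1
            else:
                unpaired += 1
    return unpaired
```

With the folded model the DTD no longer enforces the taskbegin/taskend pairing, so a consumer that relies on it has to check it itself, as `unpaired_taskends` does here.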