Re: Completed Lua 5.3 upgrade!

[Patrick Donnelly <batrick () batbytes com>]

Daniel, many thanks for testing again. Comments in-line:

On Sat, Jun 25, 2016 at 3:50 PM, Daniel Miller <bonsaiviking () gmail com> wrote:
> 1. The bin.pack function is choking on this line in wdb-version:
>
> return packet .. bin.pack(">S2", 0xffff, sum) .. wdbwrapper .. data
>
> giving this error:
>
> nmap-lua53/nselib/bin.lua:136: bad argument #2 to 'pack' (unsigned overflow)
> stack traceback:
>         [C]: in function 'string.pack'
>         /home/miller/nmap/nmap-lua53/nselib/bin.lua:136: in function
> 'bin.pack'
>         /home/miller/nmap/nmap-lua53/scripts/wdb-version.nse:88: in upvalue
> 'request'
>         /home/miller/nmap/nmap-lua53/scripts/wdb-version.nse:172: in
> function </home/miller/nmap/nmap-lua53/scripts/wdb-version.nse:163>
>         (...tail calls...)
>
> Now, I would do this differently if I were writing the script today, but I
> really don't see why using the "S" template to pack a literal 0xffff is
> resulting in an overflow. If it were a signed template, I would understand.

This error message is unfortunately confusing and should be fixed. The
complaint is actually about the third argument (sum). See for example:

> (">I2I2"):pack(0xffff, 0x1ffff)
stdin:1: bad argument #2 to 'pack' (unsigned overflow)
stack traceback:
        [C]: in function 'string.pack'
        stdin:1: in main chunk
        [C]: in ?

This may or may not be a bug in wdb-version but it's simple enough to
fix: we can just truncate each argument based on the size of the pack
format specifier. I will look into making that change.

> 2. Not sure what's wrong with this one:
>
> NSE: dns-nsid against 72.14.177.12:53.0 threw an error!
> /home/miller/nmap/nmap-lua53/nselib/bin.lua:112: attempt to get length of a
> nil value (field '?')
> stack traceback:
>   /home/miller/nmap/nmap-lua53/nselib/bin.lua:112: in function
> </home/miller/nmap/nmap-lua53/nselib/bin.lua:78>
>   [C]: in function 'string.gsub'
>   /home/miller/nmap/nmap-lua53/nselib/bin.lua:135: in function 'bin.pack'
>   /home/miller/nmap/nmap-lua53/nselib/dns.lua:857: in upvalue
> 'encodeAdditional'
>   /home/miller/nmap/nmap-lua53/nselib/dns.lua:897: in function 'dns.encode'
>   /home/miller/nmap/nmap-lua53/nselib/dns.lua:374: in function 'dns.query'
>   /home/miller/nmap/nmap-lua53/scripts/dns-nsid.nse:79: in function
> </home/miller/nmap/nmap-lua53/scripts/dns-nsid.nse:76>
>   (...tail calls...)

Ah, this was caused by missing "x" for bin.pack specifiers. Fixed in the branch.

> 3. base64.dec is less tolerant of trailing whitespace (a \r\n sequence in
> this case, I think):
>
> /home/miller/nmap/nmap-lua53/nselib/base64.lua:118: invalid encoding: input
> is not divisible by 4
> stack traceback:
>   [C]: in function 'error'
>   /home/miller/nmap/nmap-lua53/nselib/base64.lua:118: in function
> 'base64.dec'
>   /home/miller/nmap/nmap-lua53/scripts/smtp-ntlm-info.nse:137: in function
> </home/miller/nmap/nmap-lua53/scripts/smtp-ntlm-info.nse:85>
>   (...tail calls...)

I added a call to gsub out the whitespace. Thanks.

> 4. Port numbers in the THREAD_AGAINST are being output as floats with a
> trailing ".0". We should output them as integers instead.

Fixed in the branch. Thanks!

-- 
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/