[prev in list] [next in list] [prev in thread] [next in thread]
List: nmap-dev
Subject: Re: [nmap-svn] r12345 - in nmap: nselib scripts
From: Ron <ron () skullsecurity ! net>
Date: 2009-02-27 21:05:31
Message-ID: 49A8559B.7080208 () skullsecurity ! net
[Download RAW message or body]
Congrats to Nmap on commit 12345. :)
(sorry for noise, but I consider it a major landmark :D)
Ron
commit-mailer@insecure.org wrote:
> Author: david
> Date: Fri Feb 27 12:16:29 2009
> New Revision: 12345
>
> Modified:
> nmap/nselib/dns.lua
> nmap/scripts/dns-zone-transfer.nse
>
> Log:
> In dns-zone-transfer.nse, return "<parse error>" in case domain decoding fails.
> otherwise there is an assertion failure trying to insert a nil into an output
> table in tab.lua. Increase the maximum number of message compression pointers
> we will follow in dns.lua from 3 to 10, because Brandon found a server that
> used 4..
>
>
> Modified: nmap/nselib/dns.lua
> ==============================================================================
> --- nmap/nselib/dns.lua (original)
> +++ nmap/nselib/dns.lua Fri Feb 27 12:16:29 2009
> @@ -486,7 +486,7 @@
> local part
>
> -- Avoid infinite recursion on malformed compressed messages.
> - limit = limit or 3
> + limit = limit or 10
> if limit < 0 then
> return pos, nil
> end
>
> Modified: nmap/scripts/dns-zone-transfer.nse
> ==============================================================================
> --- nmap/scripts/dns-zone-transfer.nse (original)
> +++ nmap/scripts/dns-zone-transfer.nse Fri Feb 27 12:16:29 2009
> @@ -123,7 +123,9 @@
> --@param data String of data.
> --@param offset Offset in the string to read the domain name.
> function parse_domain(data, offset)
> - return dns.decStr(data, offset)
> + local offset, domain = dns.decStr(data, offset)
> + domain = domain or "<parse error>"
> + return offset, domain
> end
>
> --- Build RFC 1035 root domain name from the name of the DNS server
>
> _______________________________________________
> Sent through the nmap-svn mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-svn
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic