Re: 4.22SOC6 Crash With Connect() Scan

From: majek04 <majek04+nmap-dev_at_gmail.com>
Date: Fri, 14 Sep 2007 00:41:40 +0200

On 9/13/07, David Fifield <david_at_bamsoftware.com> wrote:
> On Thu, Sep 13, 2007 at 05:37:24PM +0100, Rob Nicholls wrote:
> > I finally got around to testing the new 4.22SOC6 win32 binary (using the
> > zip file) and spotted that it crashed when I asked it to perform a
> > Connect() Scan.
>
> I was able to reproduce this on Windows XP, both the "Unknown error" and
> the crash. I'll investigate it and let you know what I find.
>
> The big change between 4.22SOC5 and 4.22SOC6 was the massping migration,
> which changes the way host discovery is done. That shouldn't affect port
> scans, but you never know.

I was also able to reproduce this bug. It crashes during connect scan,
in scan_engine.cc:3050 in

static bool do_one_select_round(UltraScanInfo *USI, struct timeval *stime)
[...]
  for(hostI = USI->incompleteHosts.begin();
      hostI != USI->completedHosts.end() && numGoodSD < selectres; hostI++) {
[...]

It seems that one of the lists is corrupted (I bet USI->incompleteHosts).
I also think that the bug was introduced with 4.22SOC6.
(and there were changes to do_one_select_round between SOC5 and SOC6)

MM.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Thu Sep 13 2007 - 22:41:40 GMT

This archive was generated by hypermail 2.2.0 : Thu Sep 13 2007 - 22:41:48 GMT
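The loop quoted in the message compares an iterator obtained from USI->incompleteHosts.begin() against USI->completedHosts.end(). In C++ a begin()/end() pair must come from the same container; a std::list iterator that is advanced toward another list's sentinel never reaches it and walks off the node chain, which looks exactly like a corrupted list when it crashes. The example below is added here to illustrate that point and is not Nmap source: the names UltraScanInfo, incompleteHosts, completedHosts, hostI, numGoodSD and selectres are borrowed from the quoted lines, but the HostStats fields, the done/readable flags, the splice-based move of finished hosts, the iterator_in_list debug check and the sample hosts in example_round are all constructed assumptions for this illustration.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdio>
#include <iterator>
#include <list>

// Constructed stand-in for a per-host record (not Nmap's type).
struct HostStats {
    int id;
    bool done;      // host finished this round: move it to completedHosts
    bool readable;  // host's socket was reported ready by select()
};

// Constructed stand-in for the scan state; only the two lists matter here.
struct UltraScanInfo {
    std::list<HostStats> incompleteHosts;
    std::list<HostStats> completedHosts;
};

// Debug check: does `it` point into `l` (or equal its end())? A linear walk is
// cheap enough for a debug build and catches a bound taken from the wrong list
// before a loop like the quoted one starts comparing foreign iterators.
template <class T>
bool iterator_in_list(const std::list<T>& l, typename std::list<T>::const_iterator it) {
    for (auto cur = l.cbegin(); cur != l.cend(); ++cur)
        if (cur == it) return true;
    return it == l.cend();
}

// One select round over incompleteHosts. Both loop bounds come from the SAME
// list; comparing against completedHosts.end() (as the quoted code does) is
// undefined behaviour because that sentinel is never reached. Hosts that are
// done are spliced to completedHosts; std::list::splice keeps hostI valid, but
// the successor must be captured BEFORE the move, or std::next(hostI) would
// follow the node's new neighbours inside completedHosts. Returns numGoodSD,
// the number of readable hosts processed (bounded by selectres).
int do_one_select_round(UltraScanInfo* USI, int selectres) {
    assert(iterator_in_list(USI->incompleteHosts, USI->incompleteHosts.cbegin()));
    int numGoodSD = 0;
    for (auto hostI = USI->incompleteHosts.begin();
         hostI != USI->incompleteHosts.end() && numGoodSD < selectres; ) {
        if (hostI->readable) ++numGoodSD;
        if (hostI->done) {
            auto next = std::next(hostI);
            USI->completedHosts.splice(USI->completedHosts.end(),
                                       USI->incompleteHosts, hostI);
            hostI = next;
        } else {
            ++hostI;
        }
    }
    return numGoodSD;
}

struct RoundResult {
    int numGoodSD;
    std::size_t incomplete;  // hosts still in incompleteHosts afterwards
    std::size_t completed;   // hosts moved to completedHosts
};

// Runs one round over a constructed set of four hosts (sample input, not
// captured from a real scan) and reports the resulting list sizes.
RoundResult example_round(int selectres) {
    UltraScanInfo USI;
    USI.incompleteHosts = { {1, true, true}, {2, false, true},
                            {3, true, false}, {4, false, true} };
    RoundResult r;
    r.numGoodSD = do_one_select_round(&USI, selectres);
    r.incomplete = USI.incompleteHosts.size();
    r.completed = USI.completedHosts.size();
    return r;
}

int main() {
    RoundResult r = example_round(10);
    std::printf("numGoodSD=%d incomplete=%zu completed=%zu\n",
                r.numGoodSD, r.incomplete, r.completed);
    return 0;
}
```

With selectres large enough to cover every host, the constructed input yields three readable hosts and moves the two finished ones to completedHosts; with selectres set to 1 the loop stops after the first readable host, so only that host is moved. A debug build of the quoted loop could add the same iterator_in_list assertion on its bounds to confirm whether the crash comes from mismatched bounds or from a genuinely damaged list.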