Wednesday, September 29, 2021

Re: nmap segfault fix

How about now?

-JR

On Wed, Sep 29, 2021 at 8:59 AM Theo Buehler <tb@theobuehler.org> wrote:

> On Wed, Sep 29, 2021 at 08:49:06AM -0700, JR Aquino wrote:
> > Thanks Niklas!
> >
> > The patches apply, build, and run cleanly.
>
> The patches did not make it to the list.
>
> >
> > The fix makes sense to incorporate in our OpenBSD port for nmap 7.91, but
> > we should revisit it in the future with any new upstream releases in case
> > there are subtle changes from what is in their GitHub repo today.
> >
> > Unless anyone else has strong opinions, I'm good with the patches and
> > would like to ask another port maintainer with CVS privileges to review
> > and commit.
> >
> > -JR
> >
> > On Wed, Sep 29, 2021 at 8:37 AM Niklas Hallqvist <niklas@appli.se> wrote:
> >
> > > Hi!
> > >
> > > While testing 7.0 packages I got an nmap segfault. It has been fixed
> > > upstream in their GitHub, but I don't know if it's part of any release
> > > yet.
> > >
> > > However, their fix may be incomplete as there are other opportunities
> > > for a negative buffer overflow in nmap_dns.cc, at least without knowing
> > > all callers of the ptrToIp method.
> > >
> > > I attach a patch that works for me (tm) as well as a patch to add a
> > > debug package for nmap, which was needed for me to debug this issue.
> > >
> > > Even if it's too late for 7.0, at least the segfault fix might make the
> > > 7.0-stable package, I reckon.
> > >
> > > The fault is indeterministic, and triggered by a PTR name being aligned
> > > at the beginning of a page immediately preceded by an unmapped page.
> > > The case which triggers it fairly often for me was just an nmap of a
> > > single TCP port over some seven or so /24 networks.
> > >
> > > /Niklas
> > >
>
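Niklas's description above (a PTR name that happens to sit on the first byte of a page whose predecessor is unmapped, and other callers of ptrToIp that may walk backwards through the name) is the classic under-read of a reverse-walking parser. The following is an added illustration written for this page; it is not nmap's nmap_dns.cc code, not Niklas's patch, and not part of the port. It models a hypothetical in-addr.arpa parser in an unchecked form, whose inner loop only stops on a '.', and a checked form that never looks at name[-1]. All function names, the label layout and the constructed guard buffer are assumptions for the demonstration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

/*
 * Hypothetical model of a backwards-walking in-addr.arpa parser, constructed
 * for illustration. It is NOT nmap's ptrToIp or Niklas's patch.
 * "d.c.b.a.in-addr.arpa" encodes the IPv4 address a.b.c.d, so a parser that
 * starts at the end of the label region and walks towards the start of the
 * string must stop at name[0] or it reads memory it does not own.
 */

static const char SUFFIX[] = ".in-addr.arpa";

/* Length of the label region ("d.c.b.a"), or -1 if the suffix is missing. */
static int label_region(const char *name, size_t *lablen)
{
    size_t n = strlen(name), s = sizeof(SUFFIX) - 1;
    if (n <= s || strcasecmp(name + n - s, SUFFIX) != 0)
        return -1;
    *lablen = n - s;
    return 0;
}

/* Unchecked variant: the inner loop only stops on a '.', so it always peeks
 * at name[-1], and with fewer than four labels keeps walking backwards until
 * it finds a dot somewhere. If name[0] is the first byte of a page whose
 * predecessor is unmapped, that read is the segfault; otherwise it silently
 * consumes whatever happens to be there. Only call it with a name that has
 * known bytes in front of it (see GUARD_BUF below). */
int ptr_to_ipv4_unchecked(const char *name, uint8_t out[4])
{
    size_t lablen;
    if (label_region(name, &lablen) < 0)
        return -1;
    const char *end = name + lablen;
    for (int i = 0; i < 4; i++) {
        const char *p = end;
        while (p[-1] != '.')        /* BUG: no "p > name" guard */
            p--;
        out[i] = (uint8_t)atoi(p);
        end = p - 1;                /* step over the '.' */
    }
    return 0;
}

/* Checked variant: reads p[-1] only when p > name, and rejects too few or
 * too many labels, empty labels, non-digit characters and octets > 255. */
int ptr_to_ipv4_checked(const char *name, uint8_t out[4])
{
    size_t lablen;
    if (label_region(name, &lablen) < 0)
        return -1;
    const char *end = name + lablen;
    for (int i = 0; i < 4; i++) {
        const char *p = end;
        while (p > name && p[-1] != '.')
            p--;
        if (p == end)
            return -1;              /* empty label, e.g. "4..2.1" */
        int v = 0;
        for (const char *q = p; q < end; q++) {
            if (!isdigit((unsigned char)*q))
                return -1;
            v = v * 10 + (*q - '0');
            if (v > 255)
                return -1;
        }
        out[i] = (uint8_t)v;
        if (i < 3) {
            if (p == name)
                return -1;          /* fewer than four labels */
            end = p - 1;
        } else if (p != name) {
            return -1;              /* more than four labels */
        }
    }
    return 0;
}

/* Pack a.b.c.d as 0xAABBCCDD for easy comparison; -1 on parse failure. */
static long pack(int rc, const uint8_t o[4])
{
    if (rc != 0)
        return -1;
    return ((long)o[0] << 24) | ((long)o[1] << 16) | ((long)o[2] << 8) | o[3];
}
long parse_ptr_unchecked(const char *name) { uint8_t o[4]; return pack(ptr_to_ipv4_unchecked(name, o), o); }
long parse_ptr_checked(const char *name)   { uint8_t o[4]; return pack(ptr_to_ipv4_checked(name, o), o); }

/* Constructed input: a three-label name placed at offset 3 of a larger
 * buffer, so the bytes before it are ".9." instead of an unmapped page. The
 * unchecked parser "succeeds" by reading them as a fourth octet; the checked
 * one refuses the name. */
static const char GUARD_BUF[] = ".9.3.2.1.in-addr.arpa";
const char *const SHORT_NAME = GUARD_BUF + 3;   /* "3.2.1.in-addr.arpa" */

int main(void)
{
    printf("unchecked(%s) = %ld\n", SHORT_NAME, parse_ptr_unchecked(SHORT_NAME)); /* 16909065 = 1.2.3.9 */
    printf("checked(%s)   = %ld\n", SHORT_NAME, parse_ptr_checked(SHORT_NAME));   /* -1 */
    return 0;
}
```

Build with `cc -Wall -Wextra -o ptrdemo ptrdemo.c`. The demo deliberately plants known bytes in front of the short name so that the under-read is visible as a wrong answer rather than a crash; placing the same string at the start of a fresh mmap'd region with nothing mapped before it is exactly the layout Niklas describes, and with the unchecked loop that is where the segfault comes from. The checked variant also shows the cheap extra validation (label count, digits only, octet range) that a caller-independent fix wants, since the thread's worry is precisely that not every caller of the parser is known.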
