You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a defect in how script qscan.nse implements script parameter qscan.delay. Specifically, it compares its value (which is in seconds) against an observed round-trip time (which is in microseconds).
The following patch remediates the issue. It also incidentally resolves #1037.
--- a/scripts/qscan.nse+++ b/scripts/qscan.nse@@ -484,12 +484,9 @@
-- Unlike qscan.cc which loops around while waiting for
-- the delay, I just sleep here (depending on rtt)
- if rtt < (3 * delay) / 2 then- if rtt < (delay / 2) then- stdnse.sleep(((delay / 2) + math.random(0, delay) - rtt))- else- stdnse.sleep(math.random((3 * delay) / 2 - rtt))- end+ local sleep = delay * (0.5 + math.random()) - rtt / 1000000+ if sleep > 0 then+ stdnse.sleep(sleep)
end
end
end
Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.
The text was updated successfully, but these errors were encountered:
There is a defect in how script
qscan.nse
implements script parameterqscan.delay
. Specifically, it compares its value (which is in seconds) against an observed round-trip time (which is in microseconds).The following patch remediates the issue. It also incidentally resolves #1037.
Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.
The text was updated successfully, but these errors were encountered: