nmap 7.60 crash in libpcre.so when scanning services #1108
On CentOS 7, using nmap 7.60 (x64) to scan OS fingerprints may lead to a crash for some specific IP ports.
The crash backtrace is as follows:
I cannot reproduce this on CentOS 7.4.1708 with libpcre 8.32. Since the crash is in libpcre, you may have a corrupted libpcre.so, which you can diagnose by running
OS detection does not use libpcre, so the crash is not related to that.
Thanks for your reply. I'm sorry, the crash is not in OS detection but in the service scan; it still crashes without -O. I guess the root cause is that an improper regex leads to a stack overflow in the pcre match method, and this may lead to some security issue. The crash doesn't appear consistently; you can reproduce it with multiple attempts. The old nmap (7.12) does not have this issue. The stack info and version info are as follows.
The complete crash stack is:
This is my nmap version info: