Segmentation fault (core dumped) #1147
Comments
Thanks for the bug report! It would be helpful to have the core dump file from the crash. Also, can you try using the Apart from this, the output from this command with (EDITED to fix link to stackoverflow question regarding OS X core dumps)
Ok, I've successfully reproduced this bug. Whatever the service is, it responds to some probes (
Specifically, we're getting into a really deep recursion in trying to match that "any number of single characters not followed by '\r\n\r\n'" group. I don't quite understand why it's recursing; we used this pattern in a lot of places to match "some number of HTTP headers, but not the message body." And it's only affecting some versions of libpcre, including the one Nmap includes in its source tree. Apparently #1108 shows the same crash affecting CentOS. I'm going to try some things to improve the performance of these match lines, but the better solution might be to upgrade libpcre. Here are some workarounds for now:
Thanks for reporting!
Ok, I figured out a good solution for now: we need to make these groups non-greedy. Our intent was to allow the patterns to match within the headers only, and stop when they get to the end of the headers. This is because the body of an HTTP response could be quite large, and we'd like to fail quickly. But what was actually happening is that the regex engine was seeing the greedy To take the example from before, this is the new match line:
Note the addition of the
operating system: Mac Sierra 10.12.6
nmap version: 7.60
ip address: 112.17.252.40
When I detect the operating system fingerprint and version, nmap throws a question:
Segmentation fault (core dumped)
Here is the code:
When I change the nmap version to 7.4, we can obtain a normal result.
I don't know why or what causes this.
If you can give me any answer or suggestion, my pleasure! Thanks in advance!