Cross-compiled nmap 7.70 + NSE crash when running "telnet-brute" #1233
I'm sorry I couldn't narrow the issue...
Running the same script and command, with nmap 7.70 return the following error (with
The text was updated successfully, but these errors were encountered:
Thanks for the report! I can confirm this is happening, and is not related to cross-compiling or architecture. I've got one fix in for a different assertion,
This one was due to either calling close or the script being stopped by some external force while the socket read handler was still waiting. I'm still analyzing why it happened, but the fix is in, which allowed me to get the exact assertion failure you have reported.
Well, this is a tricky one. So a bunch of the NSE socket internals are under the assumption that a socket will be worked on by only a single thread at a time. The socket object has a
We'll get it figured out soon. Very glad you reported it!
Just adding a few thoughts:
Ya, don't do that! The script/library should be fixed. Library could be modified perhaps to check if the socket currently has a thread operating on it.
I don't agree. What does it mean to have two threads waiting on a read on a socket? Or, one writing and one reading?
Rather than an assert, I would recommend throwing a Lua error as the script is buggy but it should not cause Nmap to crash. Otherwise, checking if the socket has an operation in-flight is a good idea.
Well, it appears things were different than I thought. Sorry, @nnposter, there's nothing wrong with your script. I simplified it to use the brute.lua improvements instead of its own multithreading stuff, and it still triggers the error. Turns out the problem was with the brute.lua improvements, specifically the wrapping of the socket object. Because it was done improperly, any socket calls that were not wrapped explicitly would be called on a reference that just tracked the last socket to be created with
A fix is incoming, but @alexisfacques if you want to quickly fix this one script, just change