Use correct lengths for FQDN, not MAXHOSTNAMELEN #140
Comments
Confirmed still a problem:
Essentially, any time CC @W0naN0w
Hello @dmiller-nmap, thank you for your observations, I opened a new PR (#462) which aims to fix this.
Hello @dmiller-nmap, I just pushed the commit for this issue. Let me know if something goes wrong. Thank you for your time,
As defined in nbase.h (or in some system header file on Linux), `MAXHOSTNAMELEN` is 64. This is the maximum length of a hostname, but not of a DNS name, which may be longer. RFC 1035 spells out that DNS names are formed of labels, each of which must be 63 octets or less, and that labels are combined to form a DNS name (a.k.a. FQDN) which may not exceed 255 octets. Each label is length-prefixed, so the ASCII readable name may only be 253 characters.

Nmap currently uses `MAXHOSTNAMELEN` in some places where the 253-character length should be used instead. As a simple example (because nmap.org has wildcard DNS), you can scan the 71-character DNS name "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789.nmap.org" with a short timeout to see that the message about "Skipping host due to host timeout" truncates the name at 64 characters:

Nmap also uses this length for the proxy host for Idle scan (`-sI`) and for the FTP server name for Bounce scan (`-b`). Nping uses MAXHOSTNAMELEN, but defines it to be 128. A more complete audit should probably be made.
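The two length rules the issue quotes from RFC 1035 (labels of at most 63 octets, a readable name of at most 253 characters) and the truncation a 64-byte buffer causes, as an added stand-alone example rather than Nmap's own code; `fqdn_lengths_ok`, `chars_kept`, `HOSTNAME_BUF_LEN` and the 64-octet-label sample are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Length limits from RFC 1035 as summarised in the issue text. */
#define DNS_LABEL_MAX     63   /* octets in one label */
#define DNS_NAME_MAX      253  /* readable FQDN, without the root dot */
#define HOSTNAME_BUF_LEN  64   /* the MAXHOSTNAMELEN value nbase.h uses, per the issue */

/* The 71-character wildcard name quoted in the issue. */
static const char SAMPLE_NAME[] =
    "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789.nmap.org";

/* Constructed example: first label is 64 octets, one over the limit. */
static const char BAD_LABEL_NAME[] =
    "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
    "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" ".example";

/* Return 1 when every label is 1..63 octets and the whole readable name is
   at most 253 characters; a single trailing root dot is ignored. */
int fqdn_lengths_ok(const char *name) {
    size_t total = strlen(name), label = 0;
    if (total > 0 && name[total - 1] == '.') total--;
    if (total == 0 || total > DNS_NAME_MAX) return 0;
    for (size_t i = 0; i <= total; i++) {
        if (i == total || name[i] == '.') {
            if (label == 0 || label > DNS_LABEL_MAX) return 0; /* empty or oversized label */
            label = 0;
        } else {
            label++;
        }
    }
    return 1;
}

/* Copy src into a NUL-terminated buffer of buflen bytes, truncating as
   bounded strncpy-style code does, and return how many characters survive. */
size_t chars_kept(size_t buflen, const char *src) {
    char buf[DNS_NAME_MAX + 1];
    if (buflen > sizeof buf) buflen = sizeof buf;
    strncpy(buf, src, buflen - 1);
    buf[buflen - 1] = '\0';
    return strlen(buf);
}

int main(void) {
    printf("valid=%d kept(64)=%zu kept(254)=%zu\n",
           fqdn_lengths_ok(SAMPLE_NAME),
           chars_kept(HOSTNAME_BUF_LEN, SAMPLE_NAME),
           chars_kept(DNS_NAME_MAX + 1, SAMPLE_NAME));
    return 0;
}
```

With a 64-byte buffer only 63 of the 71 characters survive, which is the truncation the "Skipping host" message shows; a 254-byte buffer keeps the whole name.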