6.49BETA1 UltraProbe::icmpid() const: Assertion Error #154

Closed
Neo23x0 opened this Issue Jun 5, 2015 · 4 comments


Neo23x0 commented Jun 5, 2015

Compiling the current Nmap 6.49BETA1 from the published tarball and the github repo I get the following error on Kali Linux x64:

root@kali:~/download/nmap# nmap -sV 192.168.14.0/24
Starting Nmap 6.49BETA1 ( http://nmap.org ) at 2015-06-05 11:56 CEST
nmap: scan_engine_raw.cc:206: u16 UltraProbe::icmpid() const: Assertion `mypspec.proto == IPPROTO_ICMP || mypspec.proto == IPPROTO_ICMPV6' failed.

I can avoid this error by using "-Pn", so I suppose this is related to the ICMP sweep.

Was just about to report this myself :)

The crash occurs when a destination unreachable ICMP message is received.

nmap -V
Nmap version 6.49BETA1 ( http://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: nmap-liblua-5.2.3 openssl-1.0.1f libpcre-8.31 nmap-libpcap-1.7.3 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

OS: Ubuntu 14.04 (tested on Desktop and Server)

When nmap undergoes host discovery, if a host responds with an ICMP Destination Unreachable, Nmap aborts with the following error:

nmap: scan_engine_raw.cc:206: u16 UltraProbe::icmpid() const: Assertion 'mypspec.proto == IPPROTO_ICMP || mypspec.proto == IPPROTO_ICMPV6' failed.
Aborted (core dumped)

This issue has been reproduced with ICMP Destination Unreachable types 13 (Communication Administratively Prohibited) and type 0 (Net Unreachable) messages. Other Destination Unreachable messages may also be affected.

Replied on nmap-dev mailing list: http://seclists.org/nmap-dev/2015/q2/220

Thanks so much for this critical bug report! We recently added a new check
for ICMP messages which calls the icmpid() function, but we didn't add a
corresponding check to be sure that function was safe to call. Would you be
able to apply the attached patch and let us know if it solves the issue?

Attached patch
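
An added example (not Nmap's code and not the attached patch) of the guard the reply above says was missing: an accessor whose assertion requires an ICMP probe is called only after the caller has checked the probe's protocol. `Probe`, `QuotedHeader`, `match_probe` and `sample_probes` are hypothetical names, and the probe list is constructed.

```cpp
#include <cassert>
#include <cstdint>
#include <netinet/in.h>   // IPPROTO_* constants
#include <vector>

// Hypothetical, simplified probe record; not Nmap's UltraProbe.
struct Probe {
    int proto;        // IPPROTO_ICMP, IPPROTO_TCP, ...
    uint16_t ident;   // ICMP identifier, meaningful only for ICMP probes
    uint16_t dport;   // destination port, meaningful only for TCP/UDP probes

    bool is_icmp() const {
        return proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6;
    }
    // Same precondition as the assertion in the report: aborts on a non-ICMP probe.
    uint16_t icmpid() const {
        assert(is_icmp());
        return ident;
    }
};

// Fields recovered from the datagram quoted inside an ICMP error message.
struct QuotedHeader { int proto; uint16_t ident; uint16_t dport; };

// Constructed sample: one ICMP probe and two TCP probes outstanding for a host.
std::vector<Probe> sample_probes() {
    return { Probe{IPPROTO_ICMP, 0x1234, 0},
             Probe{IPPROTO_TCP, 0, 443},
             Probe{IPPROTO_TCP, 0, 80} };
}

// Returns the index of the probe the quoted header belongs to, or -1.
// icmpid() is reached only behind the is_icmp() check, so a Destination
// Unreachable that quotes a TCP probe cannot trip the assertion.
int match_probe(const std::vector<Probe> &outstanding, const QuotedHeader &q) {
    for (size_t i = 0; i < outstanding.size(); i++) {
        const Probe &p = outstanding[i];
        if (p.proto != q.proto)
            continue;                       // different protocol, not this probe
        if (p.is_icmp()) {
            if (p.icmpid() == q.ident)      // safe: protocol already verified
                return static_cast<int>(i);
        } else if (p.dport == q.dport) {
            return static_cast<int>(i);
        }
    }
    return -1;
}
```

Calling `icmpid()` on every probe in the list without the `is_icmp()` guard would abort on the first TCP entry, which is the failure mode in this report.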

Neo23x0 commented Jun 6, 2015

Works for me. No more errors. Thanks

The version I pulled from the github repo says "Nmap 6.47SVN". Is that OK?
I applied the patch to the tarball published on the website as Nmap-6.49BETA1 and the cloned github repo and compiled both. (just to be sure)

nmap-bot pushed a commit that referenced this issue Jun 7, 2015

bonsaiviking: Fix assertion error #154 (eba1712)

A fix for this issue has been released in Nmap 6.49BETA2
