http-grep.nse is not working properly. line 159 and 160. there is a bug if doubled is greater than 9 #1931

zheli-1 · 2020-02-21T22:58:33Z

The following command will recreate the bug.
nmap google-gruyere.appspot.com --script http-grep --script-args 'http-grep.builtins ={"discover"}, http-grep.url="/432894489680891189865518341201629552984/snippets.gtl?uid=zl3"'
the host is up recreate it anytime.

When will it happen and why
There is a bug if doubled is greater than 9. doubled is not gsubbed correctly after line 160
doubled = string.gsub(doubled,'(%d)(%d)',function(a,b)return a+b end)
for example if doubled = 14, after the line above double will be 5.0.0
and it is added to s2 so it will raise the error as below:

NSE: http-grep against google-gruyere.appspot.com (216.58.193.84:443) threw an error!
/home/zheli/nmap_no_interning/nmap/scripts/http-grep.nse:189: attempt to perform arithmetic on a string value (local 'doubled')

the line number is different because I print some debug info in my local file.

The text was updated successfully, but these errors were encountered:

zheli-1 · 2020-02-22T00:52:22Z

This is my pull request fixing this bug. I can't find a way to link them together...
https://github.com/nmap/nmap/pull/1932

nnposter self-assigned this Mar 1, 2020

nnposter added bug NSE labels Mar 1, 2020

nmap-bot closed this as completed in 44d7dbc Mar 1, 2020

http-grep.nse is not working properly. line 159 and 160. there is a bug if doubled is greater than 9 #1931

http-grep.nse is not working properly. line 159 and 160. there is a bug if doubled is greater than 9 #1931

zheli-1 commented Feb 21, 2020

zheli-1 commented Feb 22, 2020 •

edited

http-grep.nse is not working properly. line 159 and 160. there is a bug if doubled is greater than 9 #1931

http-grep.nse is not working properly. line 159 and 160. there is a bug if doubled is greater than 9 #1931

Comments

zheli-1 commented Feb 21, 2020

zheli-1 commented Feb 22, 2020 • edited

zheli-1 commented Feb 22, 2020 •

edited