diff --git a/nbase/nbase_ipv6.h b/nbase/nbase_ipv6.h index 18f7bee8b..ccc01eded 100644 --- a/nbase/nbase_ipv6.h +++ b/nbase/nbase_ipv6.h @@ -139,6 +139,8 @@ int sockaddr_storage_equal(const struct sockaddr_storage *a, thread in the process). If there is a weird error (like sslen being too short) then NULL will be returned. */ const char *inet_ntop_ez(const struct sockaddr_storage *ss, size_t sslen); +/* Same, but no extra length checks */ +const char *inet_socktop(const struct sockaddr_storage *ss); #if !HAVE_GETNAMEINFO || !HAVE_GETADDRINFO diff --git a/nbase/nbase_misc.c b/nbase/nbase_misc.c index 75c5b6f1b..5bfce612f 100644 --- a/nbase/nbase_misc.c +++ b/nbase/nbase_misc.c @@ -191,6 +191,11 @@ const char *inet_ntop_ez(const struct sockaddr_storage *ss, size_t sslen) { return NULL; } +/* Same as inet_ntop_ez, but assumes sslen==sizeof(sockaddr_storage) */ +const char *inet_socktop(const struct sockaddr_storage *ss) { + return inet_ntop_ez(ss, sizeof(*ss)); +} + /* Create a new socket inheritable by subprocesses. On non-Windows systems it's just a normal socket. */ int inheritable_socket(int af, int style, int protocol) { diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c index aa60b556c..34d0c25ec 100644 --- a/ncat/ncat_connect.c +++ b/ncat/ncat_connect.c @@ -269,7 +269,7 @@ static void connect_report(nsock_iod nsi) } } -/* Just like inet_socktop, but it puts IPv6 addresses in square brackets. */ +/* Just like socktop, but it puts IPv6 addresses in square brackets. */ static const char *sock_to_url(char *host_str, unsigned short port) { static char buf[512]; @@ -391,7 +391,7 @@ static int do_proxy_http(void) target = o.target; } else { /* addr is now populated with either sockaddr_in or sockaddr_in6 */ - Strncpy(addrstr, inet_socktop(&addr), sizeof(addrstr)); + Strncpy(addrstr, inet_socktop_safe(&addr), sizeof(addrstr)); target = addrstr; if (o.verbose && getaddrfamily(o.target) == -1) loguser("Host %s locally resolved to %s.\n", o.target, target); @@ -548,7 +548,7 @@ static int do_proxy_socks4(void) } if (o.verbose) { - loguser("Connected to proxy %s:%hu\n", inet_socktop(&targetaddrs->addr), + loguser("Connected to proxy %s:%hu\n", inet_socktop_safe(&targetaddrs->addr), inet_port(&targetaddrs->addr)); } @@ -588,7 +588,7 @@ static int do_proxy_socks4(void) socks4msg.address = addr.in.sin_addr.s_addr; if (o.verbose && getaddrfamily(o.target) == -1) loguser("Host %s locally resolved to %s.\n", o.target, - inet_socktop(&addr)); + inet_socktop_safe(&addr)); } if (send(sd, (char *)&socks4msg, offsetof(struct socks4_data, data) + datalen, 0) < 0) { @@ -643,7 +643,7 @@ static int do_proxy_socks5(void) } if (o.verbose) { - loguser("Connected to proxy %s:%hu\n", inet_socktop(&targetaddrs->addr), + loguser("Connected to proxy %s:%hu\n", inet_socktop_safe(&targetaddrs->addr), inet_port(&targetaddrs->addr)); } @@ -815,7 +815,7 @@ static int do_proxy_socks5(void) dstlen = addrlen; if (o.verbose && getaddrfamily(o.target) == -1) loguser("Host %s locally resolved to %s.\n", o.target, - inet_socktop(&addr)); + inet_socktop_safe(&addr)); } memcpy(socks5msg2.dst + dstlen, &proxyport, 2); @@ -1190,7 +1190,7 @@ static void connect_handler(nsock_pool nsp, nsock_event evt, void *data) zmem(&peer, sizeof(peer.storage)); nsock_iod_get_communication_info(cs.sock_nsi, NULL, NULL, NULL, &peer.sockaddr, sizeof(peer.storage)); - loguser("Connection to %s failed: %s.\n", inet_socktop(&peer), + loguser("Connection to %s failed: %s.\n", inet_socktop_safe(&peer), (status == NSE_STATUS_TIMEOUT) ? nse_status2str(status) : socket_strerror(nse_errorcode(evt))); diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c index 72d91534c..33c346c4c 100644 --- a/ncat/ncat_ssl.c +++ b/ncat/ncat_ssl.c @@ -668,7 +668,7 @@ int ssl_handshake(struct fdinfo *sinfo) if (o.verbose) { loguser("Failed SSL connection from %s: %s\n", - inet_socktop(&sinfo->remoteaddr), + inet_socktop_safe(&sinfo->remoteaddr), ERR_error_string(ERR_get_error(), NULL)); } return NCAT_SSL_HANDSHAKE_FAILED; diff --git a/ncat/util.c b/ncat/util.c index 288d5cd58..07e63d2a0 100644 --- a/ncat/util.c +++ b/ncat/util.c @@ -363,10 +363,10 @@ const char *socktop(const union sockaddr_u *su, socklen_t ss_len) break; #endif case AF_INET: - Snprintf(buf, sizeof(buf), "%s:%hu", inet_socktop(su), inet_port(su)); + Snprintf(buf, sizeof(buf), "%s:%hu", inet_socktop_safe(su), inet_port(su)); break; case AF_INET6: - Snprintf(buf, sizeof(buf), "[%s]:%hu", inet_socktop(su), inet_port(su)); + Snprintf(buf, sizeof(buf), "[%s]:%hu", inet_socktop_safe(su), inet_port(su)); break; default: return NULL; @@ -379,21 +379,10 @@ const char *socktop(const union sockaddr_u *su, socklen_t ss_len) IPv6 IP address string. Since a static buffer is returned, this is not thread-safe and can only be used once in calls like printf() */ -const char *inet_socktop(const union sockaddr_u *su) +const char *inet_socktop_safe(const union sockaddr_u *su) { - static char buf[INET6_ADDRSTRLEN + 1]; - void *addr; - - if (su->storage.ss_family == AF_INET) - addr = (void *) &su->in.sin_addr; -#if HAVE_IPV6 - else if (su->storage.ss_family == AF_INET6) - addr = (void *) &su->in6.sin6_addr; -#endif - else - bye("Invalid address family passed to inet_socktop()."); - - if (inet_ntop(su->storage.ss_family, addr, buf, sizeof(buf)) == NULL) { + const char *buf = inet_socktop(&su->storage); + if (buf == NULL) { bye("Failed to convert address to presentation format! Error: %s.", strerror(socket_errno())); } diff --git a/ncat/util.h b/ncat/util.h index bca0f0c7c..3f469aab9 100644 --- a/ncat/util.h +++ b/ncat/util.h @@ -132,7 +132,7 @@ int strbuf_sprintf(char **buf, size_t *size, size_t *offset, const char *fmt, .. int addr_is_local(const union sockaddr_u *su); const char *socktop(const union sockaddr_u *su, socklen_t ss_len); -const char *inet_socktop(const union sockaddr_u *su); +const char *inet_socktop_safe(const union sockaddr_u *su); unsigned short inet_port(const union sockaddr_u *su); diff --git a/nmap.cc b/nmap.cc index 2556d966c..4f3a922a3 100644 --- a/nmap.cc +++ b/nmap.cc @@ -2178,7 +2178,7 @@ int nmap_main(int argc, char *argv[]) { currenths->setSourceSockAddr(&ss, sslen); if (! sourceaddrwarning) { error("WARNING: We could not determine for sure which interface to use, so we are guessing %s . If this is wrong, use -S .", - inet_socktop(&ss)); + inet_socktop_safe(&ss)); sourceaddrwarning = 1; } } diff --git a/nse_nmaplib.cc b/nse_nmaplib.cc index 1a6b30ffa..73532d623 100644 --- a/nse_nmaplib.cc +++ b/nse_nmaplib.cc @@ -843,7 +843,7 @@ static int l_resolve(lua_State *L) if (addr->ai_addrlen > sizeof(ss)) continue; memcpy(&ss, addr->ai_addr, addr->ai_addrlen); - nseU_appendfstr(L, -1, "%s", inet_socktop(&ss)); + nseU_appendfstr(L, -1, "%s", inet_socktop_safe(&ss)); } if (addrs != NULL) diff --git a/scan_engine_connect.cc b/scan_engine_connect.cc index 7eb368e6b..16acc2f32 100644 --- a/scan_engine_connect.cc +++ b/scan_engine_connect.cc @@ -436,7 +436,7 @@ static void init_socket(int sd, const HostScanStats *hss, UltraScanInfo *USI) { if (o.spoofsource && !bind_failed) { o.SourceSockAddr(&ss, &sslen); if (::bind(sd, (struct sockaddr*)&ss, sslen) != 0) { - error("%s: Problem binding source address (%s), errno: %d", __func__, inet_socktop(&ss), socket_errno()); + error("%s: Problem binding source address (%s), errno: %d", __func__, inet_socktop_safe(&ss), socket_errno()); perror("bind"); bind_failed = 1; } diff --git a/targets.cc b/targets.cc index 4228dcaa5..483d43b96 100644 --- a/targets.cc +++ b/targets.cc @@ -180,7 +180,7 @@ int load_exclude_file(struct addrset *excludelist, FILE *fp) { for (size_t i = 0; i < req.ssv.size(); i++) { const struct sockaddr_storage &ss = req.ssv[i]; assert(ss.ss_family == o.af()); - Snprintf(host_spec, sizeof(host_spec), "%s%s", inet_socktop(&ss), + Snprintf(host_spec, sizeof(host_spec), "%s%s", inet_socktop_safe(&ss), slash); if(!addrset_add_spec(excludelist, host_spec, o.af(), 0)){ error("Invalid address specification: %s", host_spec); diff --git a/tcpip.cc b/tcpip.cc index 717836ed7..1b3626734 100644 --- a/tcpip.cc +++ b/tcpip.cc @@ -361,21 +361,9 @@ void PacketTrace::traceConnect(u8 proto, const struct sockaddr *sock, /* Converts an IP address given in a sockaddr_storage to an IPv4 or IPv6 IP address string. Since a static buffer is returned, this is not thread-safe and can only be used once in calls like printf() */ -const char *inet_socktop(const struct sockaddr_storage *ss) { - static char buf[INET6_ADDRSTRLEN]; - const struct sockaddr_in *sin = (struct sockaddr_in *) ss; -#if HAVE_IPV6 - const struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) ss; -#endif - - if (inet_ntop(sin->sin_family, (sin->sin_family == AF_INET) ? - (char *) &sin->sin_addr : -#if HAVE_IPV6 - (char *) &sin6->sin6_addr, -#else - (char *) NULL, -#endif /* HAVE_IPV6 */ - buf, sizeof(buf)) == NULL) { +const char *inet_socktop_safe(const struct sockaddr_storage *ss) { + const char *buf = inet_socktop(ss); + if (buf == NULL) { fatal("Failed to convert target address to presentation format in %s!?! Error: %s", __func__, strerror(socket_errno())); } return buf; diff --git a/tcpip.h b/tcpip.h index 067f77d9e..28b654688 100644 --- a/tcpip.h +++ b/tcpip.h @@ -135,7 +135,7 @@ class PacketCounter { IPv6 IP address string. Since a static buffer is returned, this is not thread-safe and can only be used once in calls like printf() */ -const char *inet_socktop(const struct sockaddr_storage *ss); +const char *inet_socktop_safe(const struct sockaddr_storage *ss); /* Takes a destination address (dst) and tries to determine the source address and interface necessary to route to this address.