On Fri, Feb 21, 2003 at 12:35:14PM +0000, John Baker wrote:
> > Whatever it is, it means your name server can not resolve this host
> > name - be it a typo or whatever. This is not a bug in Nessus.
>
> I'm also rather unconvinced it should do anything at all if it can't resolve
> the host. You can't scan a broadcast address, it just seems to make no sense.
You're right - there was a bug in nessus-libraries/libhosts_gatherer/.
Attached is a patch that fixes it :
Index: hg_add_hosts.c
===================================================================
RCS file: /usr/local/cvs/nessus-libraries/libhosts_gatherer/hg_add_hosts.c,v
retrieving revision 1.19
diff -c -r1.19 hg_add_hosts.c
*** hg_add_hosts.c 23 Jul 2002 11:42:52 -0000 1.19
--- hg_add_hosts.c 21 Feb 2003 14:02:05 -0000
***************
*** 124,133 ****
int unquote = 0;
t = strchr(hostname, '-');
! if(t)
{
t[0] = '\0';
if(strchr(hostname, '.') &&
strchr(&(t[1]), '.'))
{
--- 124,141 ----
int unquote = 0;
+
t = strchr(hostname, '-');
! if(t != NULL)
{
+ struct in_addr ip;
t[0] = '\0';
+ if(inet_aton(hostname, &ip) == 0)
+ {
+ t[0] = '-';
+ goto next;
+ }
+
if(strchr(hostname, '.') &&
strchr(&(t[1]), '.'))
{
***************
*** 139,144 ****
--- 147,154 ----
}
t[0] = '-';
}
+
+ next:
reminder = malloc(strlen(hostname));
