Skip to content

Fix 904 - multi-port scans lead to int overflow#905

Merged
zakird merged 6 commits intomainfrom
phillip/904-multi-port-scans-int-overflow
Nov 26, 2024
Merged

Fix 904 - multi-port scans lead to int overflow#905
zakird merged 6 commits intomainfrom
phillip/904-multi-port-scans-int-overflow

Conversation

@phillip-stephens
Copy link
Contributor

@phillip-stephens phillip-stephens commented Nov 25, 2024

Since this was reproducible with --dryrun, it was pretty quick to run into this with enough threads/send rate.

sudo ./zmap-dev/zmap/src/zmap -p 80-84 --dryrun -X -B 100G  -T 1 --metadata-file=/Users/phillip/Desktop/meta 2>&1 | tee ~/Desktop/logs

...

4:51 23% (16m left); send: 4267050958 14.74 Mp/s (14.65 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
 4:52 23% (16m left); send: 4281874854 14.75 Mp/s (14.65 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
 4:53 97% (8s left); send: 4294967295 done (14.65 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
...
0.00% (0s left); send: 4294967295 done (14.65 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%

# Testing

sudo ./src/zmap -p 80-84 --dryrun -X -B 100G -T 6 --metadata-file=/Users/phillip/Desktop/meta 2>&1 | tee ~/Desktop/logs

5:58 100% (2s left); send: 17179869183 done (48.82 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
5:59 100% (1s left); send: 17179869183 done (48.82 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
6:00 100% (0s left); send: 17179869183 done (48.82 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
6:01 100% (0s left); send: 17179869183 done (48.82 Mp/s avg); recv: 0 0 p/s (0 p/s avg); drops: 0 p/s (0 p/s avg); hitrate: 0.00%
Nov 25 16:42:17.146 [INFO] zmap: completed


Now able to scan > 2^32 hosts.

Testing > 2^32 received packets is difficult since you'd need to scan for days at 1G line speeds to get 2^32 responses. I did check though for any logic in `recv.c` or `recv.h` using `uint32_t`.

@phillip-stephens phillip-stephens marked this pull request as ready for review November 26, 2024 00:19
@zakird zakird merged commit 94867b0 into main Nov 26, 2024
@zakird zakird deleted the phillip/904-multi-port-scans-int-overflow branch November 26, 2024 00:32
@phillip-stephens phillip-stephens mentioned this pull request Nov 26, 2024
Closed
@BrewTestBot BrewTestBot mentioned this pull request Nov 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zakird zakird zakird approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@phillip-stephens @zakird