For me, the attached patch fixes it. Memory gets overwritten by an off-by-one error.
---------------------------- Original Message ---------------------------- Subject: nbtscan 1.5.1 patch From: [EMAIL PROTECTED] Date: Sun, January 20, 2008 23:56 To: "Alla Bezroutchko" <[EMAIL PROTECTED]> Cc: "Jochen Friedrich" <[EMAIL PROTECTED]> -------------------------------------------------------------------------- Hi Alla Bezroutchko, I've got a bugreport and a fix for nbtscan 1.5.1 (debian version 1.5.1-2.1). THE BUG SYMPTOMS ================ [EMAIL PROTECTED]:0:/home/walter/src/nbtscan-1.5.1.mine# ./nbtscan 10.102.221.1-2 -s : -v 10.102.221.1:WZA :00U 10.102.221.1:WZA :03U 10.102.221.1:WZA :20U 10.102.221.1:HARDWIRE :1eG 10.102.221.1:MAC:00:00:00:00:00:00 10.102.221.2:DEUS :00U 10.102.221.2:DEUS :03U 10.102.221.2:DEUS :20U 10.102.221.2:DEUS :00U 10.102.221.2:DEUS :03U 10.102.221.2:DEUS :20U 10.102.221.2:__MSBROWSE__:01G 10.102.221.2:MSHOME :1eG 10.102.221.2:MSHOME :00G 10.102.221.2:MSHOME :1dU 10.102.221.2:MSHOME :1eG 10.102.221.2:MSHOME :00G 10.102.221.2:MAC:00:00:00:00:00:00 *** glibc detected *** free(): invalid pointer: 0x0804e020 *** Aborted (core dumped) THE CAUSE ========= An off by one error. name[16] is set to 0, but name is only 16 bytes long. OTHER PROBLEMS ============== www.inetcat.org seems to have changed to www.inetcat.net. THE PATCH ========= diff -urw nbtscan-1.5.1/debian/watch nbtscan-1.5.1.mine/debian/watch --- nbtscan-1.5.1/debian/watch 2008-01-20 17:52:24.000000000 +0100 +++ nbtscan-1.5.1.mine/debian/watch 2008-01-20 23:49:02.000000000 +0100 @@ -2,4 +2,4 @@ # Rename this file to "watch" and then you can run the "uscan" command # to check for upstream updates and more. # Site Directory Pattern Version Script -http://www.inetcat.org /software nbtscan-(.*)\.tar\.gz debian uupdate +http://www.inetcat.net /software nbtscan-(.*)\.tar\.gz debian uupdate diff -urw nbtscan-1.5.1/nbtscan.c nbtscan-1.5.1.mine/nbtscan.c --- nbtscan-1.5.1/nbtscan.c 2008-01-20 17:52:24.000000000 +0100 +++ nbtscan-1.5.1.mine/nbtscan.c 2008-01-20 23:47:16.000000000 +0100 @@ -170,7 +170,7 @@ for(i=0; i< hostinfo->header->number_of_names; i++) { service = hostinfo->names[i].ascii_name[15]; strncpy(name, hostinfo->names[i].ascii_name, 15); - name[16]=0; + name[15]=0; unique = !(hostinfo->names[i].rr_flags & 0x0080); if(sf) { printf("%s%s%s%s", inet_ntoa(addr), sf, name, sf); diff -urw nbtscan-1.5.1/README nbtscan-1.5.1.mine/README --- nbtscan-1.5.1/README 2003-06-06 14:19:22.000000000 +0200 +++ nbtscan-1.5.1.mine/README 2008-01-20 18:37:45.000000000 +0100 @@ -7,7 +7,7 @@ NetBIOS computer name, logged-in user name and MAC address (such as Ethernet). -See http://www.inetcat.org/software/nbtscan.html for +See http://www.inetcat.net/software/nbtscan.html for NBTscan homepage. LICENSE. @@ -120,5 +120,5 @@ address being 00-00-00-00-00-00. This is because Samba sends that as MAC address. Nbtscan just displays what it gets. -Report bugs to [EMAIL PROTECTED] (that's me). I cannot promise to +Report bugs to [EMAIL PROTECTED] (that's me). I cannot promise to do anything but I might well want fix it. Remember: no warranty. GREETINGS ========= Thanks for nbtscan. Enjoy the patch :) Friendly greetings, Walter Doekes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

