nnposter at users
Aug 31, 2008, 12:15 PM
Views: 2380
Permalink
|
|
Unpredictable behavior of uninitialized named arguments
|
|
Named function arguments exhibit a questionable behavior in that when not specified in the call they behave as if they were undeclared variables, i.e. they will have values from higher calling contexts. According to the NASL2 Reference Manual they should instead behave like local variables. Consider the following code:
function func_one (x)
{
local_var y;
# x is optional with a default value of 11
y=x;
if (isnull(x)) y=11;
display('func_one y="'+y+'"\n');
return 0;
}
function func_two ()
{
return func_one();
}
function func_three ()
{
local_var x;
x=22;
return func_two();
}
func_three();
Here the expected output is:
func_one y="11"
because func_two() calls func_one() without specifying named argument "x" but the real output is:
func_one y="22"
and the reason is that it just happens that func_three() is using "x" as its own local variable.
This behavior has been observed in Nessus 2.2.11. If this is not a bug but a feature then the implication is that all named arguments must be always specified in the function call because their values would be otherwise unpredictable. Unfortunately several included functions, such as der_decode() in kerberos_func.inc, are coded (and called) in a way that collides with the observed named argument behavior. In summary, there is a bug either in the NASL interpreter or in the included functions.
Cheers,
nnposter
_______________________________________________
Plugins-writers mailing list
Plugins-writers [at] list
http://mail.nessus.org/mailman/listinfo/plugins-writers
|
Unpredictable behavior of uninitialized named arguments
