(ref) can't process big data?

[winger]

I just parse nmap scan result.

But i find function (ref)  will broken when it process big data. :(

Following codes can work if xo isn't too large.

Code Select Expand


(setf xo
'((host ((comment "")) (status ((state "up"))) (address ((addrtype "ipv4") (vendor
    "")
   (addr "111.11.11.4")))
 (hostnames)
 (ports (extraports ((count "999") (state "filtered"))) (port ((protocol "tcp") (
     portid "80"))
   (state ((reason "syn-ack") (state "open") (reason_ttl "114")))
   (service ((product "Apache httpd") (name "http") (extrainfo "(Win32)") (version
      "2.2.17")
     (conf "10")
     (method "probed")))))
 (os (portused ((state "open") (portid "80") (proto "tcp"))) (osmatch ((line "44168")
    (name "Microsoft Windows Server 2003 SP1 - SP2")
    (accuracy "100"))
   (osclass ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (
      osgen "2003")
     (accuracy "100"))))
  (osmatch ((line "50322") (name "Microsoft Windows XP SP2") (accuracy "100")) (osclass
    ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (osgen "XP")
     (accuracy "100"))))
  (osmatch ((line "50937") (name "Microsoft Windows XP SP2 or Windows Server 2003 SP2")
    (accuracy "100"))
   (osclass ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (
      osgen "2003")
     (accuracy "100")))))
 (uptime ((lastboot "") (seconds "")))
 (tcpsequence ((index "261") (values "4F9A463D,FDE9E1EF,6BE921A2,184CD5F3,20173F87,D8DD8272")
   (difficulty "Good luck!")))
 (ipidsequence ((values "3AD0,3ADF,3AE8,3AE9,3AEA,3AEB") (class "Busy server or unknown class")))
 (tcptssequence ((values "0,0,0,0,0,0") (class "zero timestamp")))
 (trace ((port "80") (proto "tcp")) (hop ((rtt "3.98") (host "") (ipaddr "211.11.211.217")
    (ttl "1")))
  (hop ((rtt "2.72") (host "") (ipaddr "211.11.11.50") (ttl "2")))
  (hop ((rtt "1.56") (host "") (ipaddr "211.11.11.49") (ttl "3")))
  (hop ((rtt "11.64") (host "") (ipaddr "211.11.7.74") (ttl "6")))
  (hop ((rtt "11.46") (host "") (ipaddr "211.111.5.74") (ttl "7")))
  (hop ((rtt "11.30") (host "") (ipaddr "211.11.11.145") (ttl "8")))
  (hop ((rtt "11.18") (host "") (ipaddr "211.11.11.17") (ttl "9")))
  (hop ((rtt "11.94") (host "") (ipaddr "111.11.111.17") (ttl "10")))
  (hop ((rtt "11.48") (host "") (ipaddr "111.11.111.234") (ttl "11")))
  (hop ((rtt "11.19") (host "") (ipaddr "111.11.11.102") (ttl "12")))
  (hop ((rtt "11.75") (host "") (ipaddr "11.11.111.106") (ttl "13")))
 ))
 (host ((comment "")) (status ((state "up"))) (address ((addrtype "ipv4") (vendor
    "")
   (addr "111.11.11.4")))
 (hostnames)
 (ports (extraports ((count "999") (state "filtered"))) (port ((protocol "tcp") (
     portid "80"))
   (state ((reason "syn-ack") (state "open") (reason_ttl "114")))
   (service ((product "Apache httpd") (name "http") (extrainfo "(Win32)") (version
      "2.2.17")
     (conf "10")
     (method "probed")))))
 (os (portused ((state "open") (portid "80") (proto "tcp"))) (osmatch ((line "44168")
    (name "Microsoft Windows Server 2003 SP1 - SP2")
    (accuracy "100"))
   (osclass ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (
      osgen "2003")
     (accuracy "100"))))
  (osmatch ((line "50322") (name "Microsoft Windows XP SP2") (accuracy "100")) (osclass
    ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (osgen "XP")
     (accuracy "100"))))
  (osmatch ((line "50937") (name "Microsoft Windows XP SP2 or Windows Server 2003 SP2")
    (accuracy "100"))
   (osclass ((type "general purpose") (osfamily "Windows") (vendor "Microsoft") (
      osgen "2003")
     (accuracy "100")))))
 (uptime ((lastboot "") (seconds "")))
 (tcpsequence ((index "261") (values "4F9A463D,FDE9E1EF,6BE921A2,184CD5F3,20173F87,D8DD8272")
   (difficulty "Good luck!")))
 (ipidsequence ((values "3AD0,3ADF,3AE8,3AE9,3AEA,3AEB") (class "Busy server or unknown class")))
 (tcptssequence ((values "0,0,0,0,0,0") (class "zero timestamp")))
 (trace ((port "80") (proto "tcp")) (hop ((rtt "3.98") (host "") (ipaddr "211.11.211.217")
    (ttl "1")))
  (hop ((rtt "2.72") (host "") (ipaddr "211.11.11.50") (ttl "2")))
  (hop ((rtt "1.56") (host "") (ipaddr "211.11.11.49") (ttl "3")))
  (hop ((rtt "11.64") (host "") (ipaddr "211.11.7.74") (ttl "6")))
  (hop ((rtt "11.46") (host "") (ipaddr "211.111.5.74") (ttl "7")))
  (hop ((rtt "11.30") (host "") (ipaddr "211.11.11.145") (ttl "8")))
  (hop ((rtt "11.18") (host "") (ipaddr "211.11.11.17") (ttl "9")))
  (hop ((rtt "11.94") (host "") (ipaddr "111.11.111.17") (ttl "10")))
  (hop ((rtt "11.48") (host "") (ipaddr "111.11.111.234") (ttl "11")))
  (hop ((rtt "11.19") (host "") (ipaddr "111.11.11.102") (ttl "12")))
  (hop ((rtt "11.75") (host "") (ipaddr "11.11.111.106") (ttl "13")))
 ))
 ))
(define (get-value form_lst xml_lst)
   (let (result (ref form_lst xml_lst match true))
      (if result (last result) "")))
(define (pick-ip-port-from-service xml)
    (let    (allindex (ref-all '(name "http") xml))
            (dolist (idx allindex)
            (println "___1___" )
            (set 'txml (xml (0 -5 idx )))
            (println "___2___" )
            (if (or (ref  "open"  txml) (println "***********"));broken when dislay 2 times
             (println (ref  '(portid *)  txml match true))
             ))
    )
)
(pick-ip-port-from-service xo)


[cormullion]

Hmm a bit too much code for me to look through carefull, but can you work around the 'true' in this line:

Code Select Expand

(ref  '(portid *)  txml match true)

and see if it crashes less?

[winger]

Very thanks cormullion !

You are right.

All right if don't use 'true' parameter.

Code Select Expand

(println (txml (ref  '(portid *)  txml match )))
But Why?

Call @Lutz

[Lutz]

It turned out to be a bug in the 'ref' function when dealing with nested and potentially multiple matches.



This bug is fixed here: http://www.newlisp.org/downloads/development/inprogress/">http://www.newlisp.org/downloads/develo ... nprogress/">http://www.newlisp.org/downloads/development/inprogress/