[!] Bummer: local variable 'priv_status' referenced before assignment

[relector-tuxnix]

Latest version (git head) needs to declare and assign value to 'priv_status' :

[ShawnDEvans]

Nuts, I'm not even sure that code path should be executing. I'm booked this week, but will try to get to it next week. Thanks for the report!!

On Wed, Jun 7, 2023, 1:50 AM Relector @.***> wrote:

Latest version (git head) needs to declare and assign value to 'priv_status' : [image: priv_status] https://user-images.githubusercontent.com/1979197/243925104-3c78e7d9-d7dd-4c7e-887d-ef320e7da393.png

— Reply to this email directly, view it on GitHub https://github.com/ShawnDEvans/smbmap/issues/84, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA6SKWGKFFGEIMKMESF2VZDXKAJD5ANCNFSM6AAAAAAY5K6Z6A . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[ShawnDEvans]

I made sure the priv_status var was declared. Thanks again!

[relector-tuxnix]

Nice work. Thanks :+1:

[shaaati]

It seems that you pushed the fix for this issue after releasing v1.9.1 (even though it was before you increased the version number).

This results in Kali Linux (which in turn just uses the package from Debian Testing) showing an smbmap version of v1.9.1 which still is affected by this bug.

As far as "I'm not even sure that code path should be executing": I encountered this on two recent penetration testing assignments. While the "buggy" package worked against a Synology NAS, it failed when trying to list SMB shares on a Windows domain controller.

Would it be possible to simply push a new bugfix release that incorporates the fix, which would then be used by Debian as the source for a new package?

[felix4webscience]

Hi, any news about the issue recalled by @shaaati? I run into the same problem...

[ShawnDEvans]

I recently pushed some updates that should have addressed this. The "priv_status" variable was declared before use, addressed some other bugs, and tagged a new release. Did you update to the latest release? Let me know and I'll dig back in if I closed this one too early. Thanks!

[shaaati]

Looks good to me. It seems you pushed 1.9.2 the same day I made my comment. Maybe that overlapped. I guess the next step is to get Debian to build a new package based on 1.9.2, but there's nothing that you need to do.