From 83daa3e9a40215c39a02835d5766d3ed3fe86e30 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov
Date: Tue, 19 May 2020 07:56:06 +0200
Subject: [PATCH] Do not assert on unsolicited ARP response
Resolves: #1836989
---
nmap-unsolicited_arp_assert.patch | 32 +++++++++++++++++++++++++++++++
nmap.spec | 7 ++++++-
2 files changed, 38 insertions(+), 1 deletion(-)
create mode 100644 nmap-unsolicited_arp_assert.patch
diff --git a/nmap-unsolicited_arp_assert.patch b/nmap-unsolicited_arp_assert.patch
new file mode 100644
index 0000000..893074c
--- /dev/null
+++ b/nmap-unsolicited_arp_assert.patch
@@ -0,0 +1,32 @@
+From 33f421fd6e68fcb8ed50071661d9704717c81b2b Mon Sep 17 00:00:00 2001
+From: dmiller
+Date: Tue, 3 Dec 2019 17:04:13 +0000
+Subject: [PATCH] Avoid assertion failure when unsolicited ARP response
+ received
+
+We probably want a more explicit handling of the case where we get an
+ARP response to a request that we did not send (system's own, or another
+Nmap scan running at the same time). In any case, this ought to solve
+the crashes reported as #1797 and #1764.
+---
+ scan_engine.cc | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/scan_engine.cc b/scan_engine.cc
+index bd73cc8ead..7a4766da26 100644
+--- a/scan_engine.cc
++++ b/scan_engine.cc
+@@ -1275,7 +1275,12 @@ int UltraScanInfo::removeCompletedHosts() {
+ }
+ if (timedout)
+ gstats->num_hosts_timedout++;
+- hss->target->stopTimeOutClock(&now);
++ /* We may have received an ARP response before we sent a probe, which
++ * would mean the timeout clock is not running. Avoid an assertion
++ * failure here by checking first. */
++ if (hss->target->timeOutClockRunning()) {
++ hss->target->stopTimeOutClock(&now);
++ }
+ }
+ }
+ return hostsRemoved;
diff --git a/nmap.spec b/nmap.spec
index 7a8a03a..2f0b6de 100644
--- a/nmap.spec
+++ b/nmap.spec
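Review bot: The `timeOutClockRunning()` guard in `removeCompletedHosts()` removes the abort at this one call site only. The assertion itself presumably still sits inside `stopTimeOutClock()`, so any other caller reachable with a stopped clock would still crash on a packet that any host on the local segment can send. It would be safer to make the callee tolerant (an early return when the clock is not running) or to confirm that no other call site is reachable from received traffic; those callers are outside this hunk. The host is also still counted as completed on the strength of a reply that matches no probe we sent, which the upstream message itself flags as wanting more explicit handling, so I would extend the comment with `* TODO: an ARP reply with no matching probe is unsolicited and possibly spoofed; decide whether it should count.` The function body starts and ends outside the hunk.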
@@ -7,7 +7,7 @@ Name: nmap Epoch: 2 Version: 7.80 #global prerelease TEST5 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Network exploration tool and security scanner URL: http://nmap.org/ # Uses combination of licenses based on GPL license, but with extra modification @@ -25,6 +25,8 @@ Patch2: nmap-4.52-noms.patch # upstream provided patch for rhbz#845005, not yet in upstream repository Patch3: ncat_reg_stdin.diff Patch4: nmap-6.25-displayerror.patch +# https://github.com/nmap/nmap/commit/33f421fd6e68fcb8ed50071661d9704717c81b2b.patch +Patch5: nmap-unsolicited_arp_assert.patch BuildRequires: automake BuildRequires: autoconf @@ -125,6 +127,9 @@ ln -s ncat %{buildroot}%{_bindir}/nc %{_mandir}/man1/ncat.1.gz %changelog +* Tue May 19 2020 Pavel Zhukov - 2:7.80-4 +- Do not assert on unsolicited ARP response (#1836989) + * Wed Jan 29 2020 Fedora Release Engineering - 2:7.80-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
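Review bot: `Patch5` is declared in the second hunk, but none of the three nmap.spec hunks touches `%prep`, and the diffstat (6 insertions, 1 deletion) is fully accounted for by the Release, Patch5 and changelog lines. If the spec applies patches with explicit `%patchN` lines rather than `%autosetup`/`%autopatch`, the fix would be shipped in the SRPM but never applied, and the 7.80-4 build would still abort on an unsolicited ARP reply. `%prep` is not visible here, so confirm in the build log that nmap-unsolicited_arp_assert.patch is actually applied. The comment line pinning the upstream commit URL above `Patch5:` is good provenance and worth keeping.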