lib/rex/parser/openvas_nokogiri.rb in rex-2.0.8 vs lib/rex/parser/openvas_nokogiri.rb in rex-2.0.9

@@ -13,111 +13,110 @@
   # get here (and turning things off when we exit in end_element()).
   def start_element(name=nil,attrs=[])
     attrs = normalize_attrs(attrs)
     block = @block
     @state[:current_tag][name] = true
+
+    unless @text.nil?
+      @state[:text_backup] = @text
+      @text = nil
+    end
+
     case name
     when "host"
       @state[:has_text] = true
     end
   end
 
   # When we exit a tag, this is triggered.
   def end_element(name=nil)
     block = @block
     case name
-    when "name"
-      return if not in_tag("result")
+    when 'name'
+      if in_tag('result')
+        @state[:has_text] = true
+        @state[:vuln_name] = @text.strip if @text
+      end
+    when 'description'
       @state[:has_text] = true
-      @state[:vuln_name] = @text.strip if @text
-      @text = nil
-    when "description"
-      @state[:has_text] = true
       @state[:vuln_desc] = @text.strip if @text
-      @text = nil
-    when "bid"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
-      @state[:has_text] = true
-      @state[:bid] = @text.strip if @text
-      @text = nil
-    when "cve"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
-      @state[:has_text] = true
-      @state[:cves] = @text.strip if @text
-      @text = nil
-    when "risk_factor"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
-
-      #we do this to clean out the buffer so to speak
-      #if we don't set text to nil now, the text will show up later
-      @state[:has_text] = true
-      @text = nil
-    when "cvss_base"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
-      @state[:has_text] = true
-      @text = nil
-    when "subnet"
-      @state[:has_text] = true
-      @text = nil
-    when "result"
-      return if not in_tag("results")
-      record_vuln
-    when "threat"
-      return if not in_tag("ports")
-      return if not in_tag("port")
-      @state[:has_text] = true
-
-      if not @text.index('(')
-        @state[:name] = nil
-        @state[:port] = nil
-        @state[:proto] = nil
-        @text = nil
-        return
+    when 'bid'
+      if in_tag('result') && in_tag('nvt')
+        @state[:has_text] = true
+        @state[:bid] = @text.strip if @text
       end
-
-      @state[:name] = @text.split(' ')[0] if @text
-      @state[:port] = @text.split('(')[1].split('/')[0] if @text
-      @state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0] if @text
-
-      @text = nil
-    when "host"
+    when 'cve'
+      if in_tag('result') && in_tag('nvt')
+        @state[:has_text] = true
+        @state[:cves] = @text.strip if @text
+      end
+    when 'risk_factor'
+      if in_tag('result') && in_tag('nvt')
+        #we do this to clean out the buffer so to speak
+        #if we don't set text to nil now, the text will show up later
+        @state[:has_text] = true
+      end
+    when 'cvss_base'
+      if in_tag('result')  && in_tag('nvt')
+        @state[:has_text] = true
+      end
+    when 'subnet'
+      @state[:has_text] = true
+    when 'result'
+      record_vuln if in_tag('results')
+    when 'threat'
+      @state[:has_text] = true if in_tag('ports') && in_tag('port')
+    when 'host'
       if in_tag('result')
         @state[:has_text] = true
         @state[:host] = @text.strip if @text
-        @text = nil
-      elsif in_tag('ports')
-        return if not in_tag('port')
+      elsif in_tag('ports') && in_tag('port')
         @state[:has_text] = true
         @state[:host] = @text.strip if @text
-        @text = nil
       end
-    when "port"
+    when 'port'
       if in_tag('result')
         @state[:has_text] = true
-        if not @text.index('(')
+        if @text && @text.index('(')
+          @state[:proto] = @text.split('(')[1].split('/')[1].gsub(/\)/, '')
+          @state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '')
+        elsif @text && @text.index('/')
+          @state[:proto] = @text.split('/')[1].strip
+          @state[:port] = @text.split('/')[0].strip
+        else
           @state[:proto] = nil
           @state[:port] = nil
-          @text = nil
-          return
         end
-        @state[:proto] = @text.split('(')[0].strip if @text
-        @state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '') if @text
-        @text = nil
+
+        if @state[:port] && @state[:port] == 'general'
+          @state[:proto] = nil
+          @state[:port] = nil
+        end
       elsif in_tag('ports')
-        record_service
+        if @text && @text.index('(')
+          @state[:name] = @text.split(' ')[0]
+          @state[:port] = @text.split('(')[1].split('/')[0]
+          @state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0]
+          record_service unless @state[:name].nil?
+        elsif @text && @text.index('/')
+          @state[:port] = @text.split('/')[0]
+          @state[:proto] = @text.split('/')[1]
+          record_service unless @state[:port] == 'general'
+        end
       end
-    when "name"
-      return if not in_tag("result")
+    when 'name'
+      return if not in_tag('result')
       @state[:has_text] = true
-      @text = nil
+    end
+
+    if @state[:text_backup]
+      @text = @state[:text_backup]
+      @state[:text_backup] = nil
     else
       @text = nil
     end
+
     @state[:current_tag].delete name
   end
 
   def record_vuln
     if (@state[:cves] and @state[:cves] == "NOCVE")  and (@state[:bid] and @state[:bid] == "NOBID")
@@ -151,11 +150,9 @@
       end
     end
   end
 
   def record_service
-    return if not @state[:name]
-
     service_info = {}
     service_info[:host] = @state[:host]
     service_info[:name] = @state[:name]
     service_info[:port] = @state[:port]
     service_info[:proto] = @state[:proto]