From 80f21b50c918aea25efec96107f665e7631e5b1b Mon Sep 17 00:00:00 2001
From: jvazquez-r7 <juan_vazquez@rapid7.com>
Date: Mon, 31 Aug 2015 11:47:43 -0500
Subject: [PATCH] Fix #4227 by improving parsing of nested elements

---
 lib/rex/parser/openvas_nokogiri.rb | 94 ++++++++++++++----------------
 1 file changed, 45 insertions(+), 49 deletions(-)

diff --git a/lib/rex/parser/openvas_nokogiri.rb b/lib/rex/parser/openvas_nokogiri.rb
index 877af4be5a..963aea8d08 100644
--- a/lib/rex/parser/openvas_nokogiri.rb
+++ b/lib/rex/parser/openvas_nokogiri.rb
@@ -15,6 +15,12 @@ module Parser
     attrs = normalize_attrs(attrs)
     block = @block
     @state[:current_tag][name] = true
+
+    unless @text.nil?
+      @state[:text_backup] = @text
+      @text = nil
+    end
+
     case name
     when "host"
       @state[:has_text] = true
@@ -29,93 +35,85 @@ module Parser
       return if not in_tag("result")
       @state[:has_text] = true
       @state[:vuln_name] = @text.strip if @text
-      @text = nil
     when "description"
       @state[:has_text] = true
       @state[:vuln_desc] = @text.strip if @text
-      @text = nil
     when "bid"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
+      return unless in_tag("result")
+      return unless in_tag("nvt")
       @state[:has_text] = true
       @state[:bid] = @text.strip if @text
-      @text = nil
     when "cve"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
+      return unless in_tag("result")
+      return unless in_tag("nvt")
       @state[:has_text] = true
       @state[:cves] = @text.strip if @text
-      @text = nil
     when "risk_factor"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
-
+      return unless in_tag("result")
+      return unless in_tag("nvt")
       #we do this to clean out the buffer so to speak
       #if we don't set text to nil now, the text will show up later
       @state[:has_text] = true
-      @text = nil
     when "cvss_base"
-      return if not in_tag("result")
-      return if not in_tag("nvt")
+      return unless in_tag("result")
+      return unless in_tag("nvt")
       @state[:has_text] = true
-      @text = nil
     when "subnet"
       @state[:has_text] = true
-      @text = nil
     when "result"
-      return if not in_tag("results")
-      record_vuln
+      record_vuln if in_tag("results")
     when "threat"
-      return if not in_tag("ports")
-      return if not in_tag("port")
-      @state[:has_text] = true
-
-      if not @text.index('(')
-        @state[:name] = nil
-        @state[:port] = nil
-        @state[:proto] = nil
-        @text = nil
-        return
-      end
-
-      @state[:name] = @text.split(' ')[0] if @text
-      @state[:port] = @text.split('(')[1].split('/')[0] if @text
-      @state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0] if @text
-
-      @text = nil
+      @state[:has_text] = true if in_tag("ports") && in_tag("port")
     when "host"
       if in_tag('result')
         @state[:has_text] = true
         @state[:host] = @text.strip if @text
-        @text = nil
-      elsif in_tag('ports')
-        return if not in_tag('port')
+      elsif in_tag('ports') && in_tag('port')
         @state[:has_text] = true
         @state[:host] = @text.strip if @text
-        @text = nil
       end
     when "port"
       if in_tag('result')
         @state[:has_text] = true
-        if not @text.index('(')
+        if @text && @text.index('(')
+          @state[:proto] = @text.split('(')[1].split('/')[1].gsub(/\)/, '')
+          @state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '')
+        elsif @text && @text.index('/')
+          @state[:proto] = @text.split('/')[1].strip
+          @state[:port] = @text.split('/')[0].strip
+        else
+          @state[:proto] = nil
+          @state[:port] = nil
+        end
+
+        if @state[:port] && @state[:port] == 'general'
           @state[:proto] = nil
           @state[:port] = nil
-          @text = nil
-          return
         end
-        @state[:proto] = @text.split('(')[0].strip if @text
-        @state[:port] = @text.split('(')[1].split('/')[0].gsub(/\)/, '') if @text
-        @text = nil
       elsif in_tag('ports')
-        record_service
+        if @text && @text.index('(')
+          @state[:name] = @text.split(' ')[0]
+          @state[:port] = @text.split('(')[1].split('/')[0]
+          @state[:proto] = @text.split('(')[1].split('/')[1].split(')')[0]
+          record_service unless @state[:name].nil?
+        elsif @text && @text.index('/')
+          @state[:port] = @text.split('/')[0]
+          @state[:proto] = @text.split('/')[1]
+          record_service unless @state[:port] == 'general'
+        end
       end
     when "name"
       return if not in_tag("result")
       @state[:has_text] = true
-      @text = nil
+    end
+
+    if @state[:text_backup]
+      @text = @state[:text_backup]
+      @state[:text_backup] = nil
     else
       @text = nil
     end
+
     @state[:current_tag].delete name
   end
 
@@ -153,8 +151,6 @@ module Parser
   end
 
   def record_service
-    return if not @state[:name]
-
     service_info = {}
     service_info[:host] = @state[:host]
     service_info[:name] = @state[:name]