From 96d82405df06a3c081c9c33852c515e488b7af34 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer
Date: Mon, 14 Jan 2013 14:27:12 +0100
Subject: [PATCH] Bugfix in Versiondetection. Without this Fix a very long string is detected as WPVersion and wpscan crashes on determing the vulns from XML because the string is used as xpath
---
 lib/wpscan/wp_version.rb | 2 +-
 spec/lib/wpscan/wp_version_spec.rb | 5 +++++
 .../wpscan/wp_version/meta-generator/3.5_minified.htm | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 spec/samples/wpscan/wp_version/meta-generator/3.5_minified.htm
diff --git a/lib/wpscan/wp_version.rb b/lib/wpscan/wp_version.rb
index e81bfae6..47beafef 100644
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -168,6 +168,6 @@ class WpVersion < Vulnerable
 # Used to check if the version is correct: must contain at least one dot.
 def self.version_pattern
- '([^\r\n]+[\.][^\r\n]+)'
+ '([^\r\n"\']+\.[^\r\n"\']+)'
 end
 end
diff --git a/spec/lib/wpscan/wp_version_spec.rb b/spec/lib/wpscan/wp_version_spec.rb
index 429ce97a..956cb16d 100644
--- a/spec/lib/wpscan/wp_version_spec.rb
+++ b/spec/lib/wpscan/wp_version_spec.rb
@@ -52,6 +52,11 @@ describe WpVersion do
 @fixture = fixtures_dir + "/invalid_version.htm"
 @expected = nil
 end
+
+ it "should return 3.5" do
+ @fixture = fixtures_dir + "/3.5_minified.htm"
+ @expected = "3.5"
+ end
 end
 describe "#find_from_rss_generator" do
diff --git a/spec/samples/wpscan/wp_version/meta-generator/3.5_minified.htm b/spec/samples/wpscan/wp_version/meta-generator/3.5_minified.htm
new file mode 100644
index 00000000..e65efd3f
--- /dev/null
+++ b/spec/samples/wpscan/wp_version/meta-generator/3.5_minified.htm
@@ -0,0 +1 @@
+
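Review bot: The replacement pattern in `self.version_pattern` (lib/wpscan/wp_version.rb) is still a deny-list: it rejects only quotes and line breaks, so any other characters from the scanned page, at any length, are still accepted as a version. Per the commit message that string is later used in an XPath lookup, so an allow-list is the safer shape, for example `'([0-9]+(?:\.[0-9]+)+(?:-[0-9A-Za-z.]+)?)'`, provided it covers the version formats the callers expect. The callers, the XPath lookup and the start of the class are all outside this hunk, so that needs confirming; the lookup should also escape or constrain the value itself rather than rely on this pattern alone. The comment above the method would then read `# Used to check if the version is correct: digits separated by at least one dot, optional suffix.`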
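Review bot: The added example in spec/lib/wpscan/wp_version_spec.rb exercises a single fixture, while the pattern change excludes both `"` and `'`. The fixture's markup is not visible here; if it uses a double-quoted attribute, a sibling example with a single-quoted generator attribute would cover the other exclusion, assuming the meta-generator matcher accepts single quotes at all. The description `"should return 3.5"` also does not say which regression it guards, so something like `it "should return 3.5 when the generator tag is followed by more markup on the same line" do` would be clearer. The assertion that consumes `@fixture` and `@expected` is outside this hunk.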