From ad92c95500510016cb4bbf8a5310e6ce5d34f7b7 Mon Sep 17 00:00:00 2001 From: erwanlr Date: Fri, 13 Sep 2019 17:22:26 +0100 Subject: [PATCH] Fixes crash when API returns HTML data rather than JSON in edge cases --- lib/wpscan/db/vuln_api.rb | 3 ++- spec/lib/db/vuln_api_spec.rb | 23 ++++++++++++++++++----- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/lib/wpscan/db/vuln_api.rb b/lib/wpscan/db/vuln_api.rb index a4b56466..86bdf267 100644 --- a/lib/wpscan/db/vuln_api.rb +++ b/lib/wpscan/db/vuln_api.rb @@ -4,7 +4,7 @@ module WPScan module DB # WPVulnDB API class VulnApi - NON_ERROR_CODES = [200, 401, 404].freeze + NON_ERROR_CODES = [200, 401].freeze class << self attr_accessor :token @@ -24,6 +24,7 @@ module WPScan res = Browser.get(uri.join(path), params.merge(request_params)) + return {} if res.code == 404 # This is for API inconsistencies when dots in path return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code) raise Error::HTTP, res diff --git a/spec/lib/db/vuln_api_spec.rb b/spec/lib/db/vuln_api_spec.rb index a784241f..adbea90d 100644 --- a/spec/lib/db/vuln_api_spec.rb +++ b/spec/lib/db/vuln_api_spec.rb @@ -35,9 +35,11 @@ describe WPScan::DB::VulnApi do context 'when a token' do before { api.token = 's3cRet' } + let(:path) { 'path' } + context 'when no timeouts' do before do - stub_request(:get, api.uri.join('path')) + stub_request(:get, api.uri.join(path)) .with(headers: { 'Host' => api.uri.host, 'Expect' => nil, 'Referer' => nil, 'User-Agent' => WPScan::Browser.instance.default_user_agent, 'Authorization' => 'Token token=s3cRet' }) @@ -49,7 +51,7 @@ describe WPScan::DB::VulnApi do let(:body) { { data: 'something' }.to_json } it 'returns the expected hash' do - result = api.get('path') + result = api.get(path) expect(result).to eql('data' => 'something') end 
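Review bot: The new `return {} if res.code == 404` guard in the `@@ -24,6 +24,7 @@` hunk fixes only the 404 case. The next line's `JSON.parse(res.body)` still runs unguarded for 200 and 401, so an HTML body on those codes (an intermediary's error or login page, for instance) would still raise `JSON::ParserError` out of this method. Consider rescuing that error and converting it, e.g. a `rescue JSON::ParserError` clause that does `raise Error::HTTP, res`, so callers see a single failure type. Returning `{}` for every 404 also makes a failed lookup indistinguishable from a genuine "no entry" answer, which a vulnerability scanner would presumably report as "nothing known"; the callers are not visible here, but logging the 404 at debug level would keep that signal. The enclosing method starts and ends outside the hunk, so where the rescue clause belongs depends on code not shown.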
@@ -60,7 +62,7 @@ describe WPScan::DB::VulnApi do
 let(:body) { { error: 'HTTP Token: Access denied.' }.to_json }
 it 'returns the expected hash' do
- result = api.get('path')
+ result = api.get(path)
 expect(result).to eql('error' => 'HTTP Token: Access denied.')
 end
@@ -71,9 +73,20 @@ describe WPScan::DB::VulnApi do
 let(:body) { { error: 'Not found' }.to_json }
 it 'returns an empty hash' do
- result = api.get('path')
+ result = api.get(path)
- expect(result).to eql('error' => 'Not found')
+ expect(result).to eql({})
+ end
+
+ context 'when 404 with HTML (API inconsistency due to dots in path)' do
+ let(:path) { 'path.b.c' }
+ let(:body) { 'Nop' }
+
+ it 'returns an empty hash' do
+ result = api.get(path)
+
+ expect(result).to eql({})
+ end
 end
 end
 end
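Review bot: The only non-JSON body exercised is in the new nested 404 context (`let(:body) { 'Nop' }`). The contexts in the earlier hunks that return `data: 'something'` and `HTTP Token: Access denied.` still stub JSON bodies only, so no example pins what `api.get` does with an HTML body on those responses. A sibling context that reuses `let(:body) { 'Nop' }` there and asserts the intended outcome (a raised error or an empty hash, whichever the library settles on) would close that gap. The JSON 404 example also no longer shows that the `'error' => 'Not found'` payload is discarded on purpose; a one-line comment on that `it` block, such as `# 404 bodies are ignored, JSON or not`, would make the intent explicit.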