1.17b - JS detector refined not to trigger on certain text/plain inputs.

ChangeLog

@@ -1,3 +1,8 @@
+Version 1.17b:
+--------------
+
+  - JS detector refined not to trigger on certain text/plain inputs.
+
 Version 1.16b:
 --------------
 

analysis.c

@@ -1112,6 +1112,7 @@ static u8 is_css(struct http_response* res) {
 static u8 is_javascript(struct http_response* res) {
   u8* text = res->payload;
   u8  first = 0, i = 0;
+  u32 white_cnt = 0;
 
   if (res->js_type) return (res->js_type == 2);
   if (!text || !is_mostly_ascii(res) || is_css(res)) return 0;
@@ -1169,9 +1170,10 @@ static u8 is_javascript(struct http_response* res) {
       return 1;
     }
 
-    /* Ignore legal identifiers. */
+    /* Illegal identifier, or too many whitespaces? Bail out. */
 
-    if (!isalnum(*text) && !strchr(" \t\r\n_.", *text)) {
+    if (!isalnum(*text) && (!strchr(" \t\r\n_.", *text) ||
+        (white_cnt++) > MAX_JS_WHITE)) {
       res->js_type = 1;
       return 0;
     }

config.h

@@ -23,7 +23,7 @@
 #ifndef _HAVE_CONFIG_H
 #define _HAVE_CONFIG_H
 
-#define VERSION "1.16b"
+#define VERSION "1.17b"
 
 #define USE_COLOR               1       /* Use terminal colors             */
 
@@ -79,6 +79,7 @@
 #define WORD_HASH       256             /* Hash table for wordlists        */
 #define SNIFF_LEN       1024            /* MIME sniffing buffer size       */
 #define MAX_SAMPLES     1024            /* Max issue / MIME samples        */
+#define MAX_JS_WHITE    16              /* Maximum JS wspaces before id    */
 
 /* Page fingerprinting constants: */
 

database.c

@@ -964,12 +964,8 @@ void load_keywords(u8* fname, u32 purge_age) {
   in = fopen((char*)fname, "r");
 
   if (!in) {
-
     PFATAL("Unable to open wordlist '%s'", fname);
-
-    WARN("Wordlist '%s' not found, not loaded.", fname);
     return;
-
   }
 
   sprintf(fmt, "%%c %%u %%u %%u %%%u[^\x01-\x1f]", MAX_WORD);