diff --git a/tests/plugins/test_grammar.py b/tests/plugins/test_grammar.py index 03c328a1..89704e80 100644 --- a/tests/plugins/test_grammar.py +++ b/tests/plugins/test_grammar.py @@ -453,3 +453,24 @@ def test_grammar_fp3(self): results = list(plugin.run()) self.assertEqual(len(results), 0) + + def test_grammar_fp4(self): + nasl_file = Path(__file__).parent / "test.nasl" + content = ( + ' script_tag(name:"cvss_base", value:"4.0");\n' + ' script_tag(name:"insight", value:"*snip*\n' + " control of a remote NFS server to create a setuid root " + "executable on\n the exported filesystem of the remote NFS " + "server. If this filesystem\n was mounted with the default " + 'hosts map, it would allow the user to\n *snip*");\n' + ' script_tag(name:"solution_type", value:"VendorFix");\n' + ' script_tag(name:"solution", value:"meh");\n' + ) + fake_context = self.create_file_plugin_context( + nasl_file=nasl_file, file_content=content + ) + plugin = CheckGrammar(fake_context) + + results = list(plugin.run()) + + self.assertEqual(len(results), 0) diff --git a/troubadix/plugins/grammar.py b/troubadix/plugins/grammar.py index fa12d052..24d3632a 100644 --- a/troubadix/plugins/grammar.py +++ b/troubadix/plugins/grammar.py @@ -48,8 +48,12 @@ # catch this wrongly... # - Cases like "this filesystem" vs. "these filesystems" are also handled / # excluded here - PatternCheck(r'this\s+(filesystem|allow\s+list)[\s.",]+', re.IGNORECASE), - PatternCheck(r'these\s+(filesystem|allow\s+list)s[\s.",]+', re.IGNORECASE), + PatternCheck( + r'this\s+(filesystem|allow\s+list)([\s.",]+|$)', re.IGNORECASE + ), + PatternCheck( + r'these\s+(filesystem|allow\s+list)s([\s.",]+|$)', re.IGNORECASE + ), # Like seen in e.g. 2008/freebsd/freebsd_mod_php4-twig.nasl PatternCheck(r'(\s+|")[Aa]\s+multiple\s+of'), # WITH can be used like e.g. the following which is valid: