FixRM rapid7#8396 change all lib use of regex to 8-bit pattern

lib/metasm/metasm/disassemble_api.rb

@@ -776,10 +776,10 @@ def pattern_scan(pat, chunksz=nil, margin=nil)
   def strings_scan(minlen=6)
     ret = []
     nexto = 0
-    pattern_scan(/[\x20-\x7e]{#{minlen},}/m, nil, 1024) { |o|
+    pattern_scan(/[\x20-\x7e]{#{minlen},}/nm, nil, 1024) { |o|
       if o - nexto > 0
         next unless e = get_edata_at(o)
-        str = e.data[e.ptr, 1024][/[\x20-\x7e]{#{minlen},}/m]
+        str = e.data[e.ptr, 1024][/[\x20-\x7e]{#{minlen},}/nm]
         ret << [o, str] if not block_given? or yield(o, str)
         nexto = o + str.length
       end

lib/metasm/metasm/gui/dasm_hex.rb

@@ -231,7 +231,7 @@ def paint
       end
       if @show_ascii and d
         x = xa + d_o*@font_width
-        d = d.gsub(/[^\x20-\x7e]/, '.')
+        d = d.gsub(/[^\x20-\x7e]/n, '.')
         if wp.empty?
           render[d, :ascii]
         else
@@ -393,7 +393,7 @@ def keypress_ctrl(key)
   # pop a dialog, scans the sections for a hex pattern
   def prompt_search_hex
     inputbox('hex pattern to search (hex regexp, use .. for wildcard)') { |pat|
-      pat = pat.gsub(' ', '').gsub('..', '.').gsub(/[0-9a-f][0-9a-f]/i) { |o| "\\x#{o}" }
+      pat = pat.gsub(' ', '').gsub('..', '.').gsub(/[0-9a-f][0-9a-f]/ni) { |o| "\\x#{o}" }
       pat = Regexp.new(pat, Regexp::MULTILINE, 'n')	# 'n' = force ascii-8bit
       list = [['addr']] + @dasm.pattern_scan(pat).map { |a| [Expression[a]] }
       listwindow("hex search #{pat}", list) { |i| focus_addr i[0] }

lib/msf/core/auxiliary/nmap.rb

@@ -59,7 +59,7 @@ def get_nmap_ver
   nmap_cmd = [self.nmap_bin]
   nmap_cmd << "--version"
   res << %x{#{nmap_cmd.join(" ")}} rescue nil
-  res.gsub(/[\x0d\x0a]/,"")
+  res.gsub(/[\x0d\x0a]/n,"")
 end
 
 # Takes a version string in the form of Major.Minor and compares to
@@ -68,16 +68,16 @@ def get_nmap_ver
 # Comparing an Integer is okay, though.
 def nmap_version_at_least?(test_ver=nil)
   raise ArgumentError, "Cannot compare a Float, use a String or Integer" if test_ver.kind_of? Float
-  unless test_ver.to_s[/^([0-9]+(\x2e[0-9]+)?)/]
+  unless test_ver.to_s[/^([0-9]+(\x2e[0-9]+)?)/n]
     raise ArgumentError, "Bad Nmap comparison version: #{test_ver.inspect}"
   end
   test_ver_str = test_ver.to_s
-  tnum_arr = $1.split(/\x2e/)[0,2].map {|x| x.to_i}
+  tnum_arr = $1.split(/\x2e/n)[0,2].map {|x| x.to_i}
   installed_ver = get_nmap_ver()
   vtag = installed_ver.split[2] # Should be ["Nmap", "version", "X.YZTAG", "(", "http..", ")"]
   return false if (vtag.nil? || vtag.empty?)
-  return false unless (vtag =~ /^([0-9]+\x2e[0-9]+)/) # Drop the tag.
-  inum_arr = $1.split(/\x2e/)[0,2].map {|x| x.to_i}
+  return false unless (vtag =~ /^([0-9]+\x2e[0-9]+)/n) # Drop the tag.
+  inum_arr = $1.split(/\x2e/n)[0,2].map {|x| x.to_i}
   return true if inum_arr[0] > tnum_arr[0]
   return false if inum_arr[0] < tnum_arr[0]
   inum_arr[1].to_i >= tnum_arr[1].to_i
@@ -228,7 +228,7 @@ def nmap_validate_arg(str)
     return false
   end
   # Check for commas outside of quoted arguments
-  quoted_22 = /\x22[^\x22]*\x22/
+  quoted_22 = /\x22[^\x22]*\x22/n
   requoted_str = str.gsub(/'/,"\"")
   if requoted_str.split(quoted_22).join[/,/]
     print_error "Malformed nmap arguments (unquoted comma): #{str}"

lib/msf/core/db.rb

@@ -358,7 +358,7 @@ def report_host(opts)
     opts.each { |k,v|
       if (host.attribute_names.include?(k.to_s))
         unless host.attribute_locked?(k.to_s)
-          host[k] = v.to_s.gsub(/[\x00-\x1f]/, '')
+          host[k] = v.to_s.gsub(/[\x00-\x1f]/n, '')
         end
       else
         dlog("Unknown attribute for ::Mdm::Host: #{k}")
@@ -481,7 +481,7 @@ def update_host_via_sysinfo(opts)
 
       if (host.attribute_names.include?(k.to_s))
         unless host.attribute_locked?(k.to_s)
-          host[k] = v.to_s.gsub(/[\x00-\x1f]/, '')
+          host[k] = v.to_s.gsub(/[\x00-\x1f]/n, '')
         end
       else
         dlog("Unknown attribute for Host: #{k}")
@@ -1536,12 +1536,12 @@ def report_auth_info(opts={})
     if (token[0])
       # convert the token to US-ASCII from UTF-8 to prevent an error
       token[0] = token[0].unpack("C*").pack("C*")
-      token[0] = token[0].gsub(/[\x00-\x1f\x7f-\xff]/){|m| "\\x%.2x" % m.unpack("C")[0] }
+      token[0] = token[0].gsub(/[\x00-\x1f\x7f-\xff]/n){|m| "\\x%.2x" % m.unpack("C")[0] }
     end
 
     if (token[1])
       token[1] = token[1].unpack("C*").pack("C*")
-      token[1] = token[1].gsub(/[\x00-\x1f\x7f-\xff]/){|m| "\\x%.2x" % m.unpack("C")[0] }
+      token[1] = token[1].gsub(/[\x00-\x1f\x7f-\xff]/n){|m| "\\x%.2x" % m.unpack("C")[0] }
     end
 
     ret = {}
@@ -2853,7 +2853,7 @@ def rexmlify(data)
         return REXML::Document.new(data)
       rescue REXML::ParseException => e
         dlog("REXML error: Badly formatted XML, attempting to recover. Error was: #{e.inspect}")
-        return REXML::Document.new(data.gsub(/([\x00-\x08\x0b\x0c\x0e-\x1f\x80-\xff])/){ |x| "\\x%.2x" % x.unpack("C*")[0] })
+        return REXML::Document.new(data.gsub(/([\x00-\x08\x0b\x0c\x0e-\x1f\x80-\xff])/n){ |x| "\\x%.2x" % x.unpack("C*")[0] })
       end
     end
   end
@@ -3055,7 +3055,7 @@ def import_filetype_detect(data)
           @import_filedata[:type] = "Appscan"
           return :appscan_xml
         when "entities"
-          if  line =~ /creator.*\x43\x4f\x52\x45\x20\x49\x4d\x50\x41\x43\x54/i
+          if  line =~ /creator.*\x43\x4f\x52\x45\x20\x49\x4d\x50\x41\x43\x54/ni
             @import_filedata[:type] = "CI"
             return :ci_xml
           end
@@ -3342,8 +3342,8 @@ def inspect_single_packet(pkt,wspace,task=nil)
   def inspect_single_packet_http(pkt,wspace,task=nil)
     # First, check the server side (data from port 80).
     if pkt.is_tcp? and pkt.tcp_src == 80 and !pkt.payload.nil? and !pkt.payload.empty?
-      if pkt.payload =~ /^HTTP\x2f1\x2e[01]/
-        http_server_match = pkt.payload.match(/\nServer:\s+([^\r\n]+)[\r\n]/)
+      if pkt.payload =~ /^HTTP\x2f1\x2e[01]/n
+        http_server_match = pkt.payload.match(/\nServer:\s+([^\r\n]+)[\r\n]/n)
         if http_server_match.kind_of?(MatchData) and http_server_match[1]
           report_service(
               :workspace => wspace,
@@ -3363,8 +3363,8 @@ def inspect_single_packet_http(pkt,wspace,task=nil)
 
     # Next, check the client side (data to port 80)
     if pkt.is_tcp? and pkt.tcp_dst == 80 and !pkt.payload.nil? and !pkt.payload.empty?
-      if pkt.payload.match(/[\x00-\x20]HTTP\x2f1\x2e[10]/)
-        auth_match = pkt.payload.match(/\nAuthorization:\s+Basic\s+([A-Za-z0-9=\x2b]+)/)
+      if pkt.payload.match(/[\x00-\x20]HTTP\x2f1\x2e[10]/n)
+        auth_match = pkt.payload.match(/\nAuthorization:\s+Basic\s+([A-Za-z0-9=\x2b]+)/n)
         if auth_match.kind_of?(MatchData) and auth_match[1]
           b64_cred = auth_match[1]
         else
@@ -3476,7 +3476,7 @@ def import_msf_pwdump(args={}, &block)
     data.each_line do |line|
       case line
       when /^[\s]*#/ # Comment lines
-        if line[/^#[\s]*([0-9.]+):([0-9]+)(\x2f(tcp|udp))?[\s]*(\x28([^\x29]*)\x29)?/]
+        if line[/^#[\s]*([0-9.]+):([0-9]+)(\x2f(tcp|udp))?[\s]*(\x28([^\x29]*)\x29)?/n]
           addr = $1
           port = $2
           proto = $4
@@ -3492,7 +3492,7 @@ def import_msf_pwdump(args={}, &block)
         user = ([nil, "<BLANK>"].include?($1)) ? "" : $1
         pass = ""
         ptype = "smb_hash"
-      when /^[\s]*([\x21-\x7f]+)[\s]+([\x21-\x7f]+)?/ # Must be a user pass
+      when /^[\s]*([\x21-\x7f]+)[\s]+([\x21-\x7f]+)?/n # Must be a user pass
         user = ([nil, "<BLANK>"].include?($1)) ? "" : dehex($1)
         pass = ([nil, "<BLANK>"].include?($2)) ? "" : dehex($2)
         ptype = "password"
@@ -3531,7 +3531,7 @@ def import_msf_pwdump(args={}, &block)
 
   # If hex notation is present, turn them into a character.
   def dehex(str)
-    hexen = str.scan(/\x5cx[0-9a-fA-F]{2}/)
+    hexen = str.scan(/\x5cx[0-9a-fA-F]{2}/n)
     hexen.each { |h|
       str.gsub!(h,h[2,2].to_i(16).chr)
     }
@@ -5039,7 +5039,7 @@ def import_nessus_nbe(args={}, &block)
       next if r[0] != 'results'
       next if r[4] != "12053"
       data = r[6]
-      addr,hname = data.match(/([0-9\x2e]+) resolves as (.+)\x2e\\n/)[1,2]
+      addr,hname = data.match(/([0-9\x2e]+) resolves as (.+)\x2e\\n/n)[1,2]
       addr_map[hname] = addr
     end
 
@@ -5160,7 +5160,7 @@ def import_nessus_xml(args={}, &block)
       # HostName
       host.elements.each('ReportItem') do |item|
         next unless item.elements['pluginID'].text == "12053"
-        addr = item.elements['data'].text.match(/([0-9\x2e]+) resolves as/)[1]
+        addr = item.elements['data'].text.match(/([0-9\x2e]+) resolves as/n)[1]
         hname = host.elements['HostName'].text
       end
       addr ||= host.elements['HostName'].text
@@ -5855,7 +5855,7 @@ def import_amap_log(args={}, &block)
 
     data.each_line do |line|
       next if line =~ /^#/
-      next if line !~ /^Protocol on ([^:]+):([^\x5c\x2f]+)[\x5c\x2f](tcp|udp) matches (.*)$/
+      next if line !~ /^Protocol on ([^:]+):([^\x5c\x2f]+)[\x5c\x2f](tcp|udp) matches (.*)$/n
       addr   = $1
       next if bl.include? addr
       port   = $2.to_i

lib/msf/core/db_export.rb

@@ -20,7 +20,7 @@ def myworkspace
   end
 
   def myusername
-    @username ||= (ENV['LOGNAME'] || ENV['USERNAME'] || ENV['USER'] || "unknown").to_s.strip.gsub(/[^A-Za-z0-9\x20]/,"_")
+    @username ||= (ENV['LOGNAME'] || ENV['USERNAME'] || ENV['USER'] || "unknown").to_s.strip.gsub(/[^A-Za-z0-9\x20]/n,"_")
   end
 
   # Hosts are always allowed. This is really just a stub.
@@ -115,7 +115,7 @@ def write_credentials(ptype,creds,report_file)
             user = (c.user.nil? || c.user.empty?) ? "<BLANK>" : c.user
             pass = (c.pass.nil? || c.pass.empty?) ? "<BLANK>" : c.pass
             if pass != "<BLANK>"
-              pass = (c.pass.upcase =~ /^[\x20-\x7e]*:[A-F0-9]{48}:[A-F0-9]{50,}/m) ? c.pass : "<BLANK>"
+              pass = (c.pass.upcase =~ /^[\x20-\x7e]*:[A-F0-9]{48}:[A-F0-9]{50,}/nm) ? c.pass : "<BLANK>"
             end
             if pass == "<BLANK>"
               # Basically this is an error (maybe around [\x20-\x7e] in regex) above
@@ -206,7 +206,7 @@ def to_xml_file(path, &block)
 
     report_file.write %Q|<?xml version="1.0" encoding="UTF-8"?>\n|
     report_file.write %Q|<MetasploitV4>\n|
-    report_file.write %Q|<generated time="#{Time.now.utc}" user="#{myusername}" project="#{myworkspace.name.gsub(/[^A-Za-z0-9\x20]/,"_")}" product="framework"/>\n|
+    report_file.write %Q|<generated time="#{Time.now.utc}" user="#{myusername}" project="#{myworkspace.name.gsub(/[^A-Za-z0-9\x20]/n,"_")}" product="framework"/>\n|
 
     yield(:status, "start", "hosts") if block_given?
     report_file.write %Q|<hosts>\n|
@@ -352,7 +352,7 @@ def create_xml_element(key,value)
     if value
       data = marshalize(value)
       data.force_encoding(Encoding::BINARY) if data.respond_to?('force_encoding')
-      data.gsub!(/([\x00-\x08\x0b\x0c\x0e-\x1f\x80-\xFF])/){ |x| "\\x%.2x" % x.unpack("C*")[0] }
+      data.gsub!(/([\x00-\x08\x0b\x0c\x0e-\x1f\x80-\xFF])/n){ |x| "\\x%.2x" % x.unpack("C*")[0] }
       el << REXML::Text.new(data)
     end
     return el

lib/msf/core/exploit/arkeia.rb

@@ -135,11 +135,11 @@ def arkeia_info
     end
 
     # Store the version information
-    mver = resp.match(/IVERSION\x00([^\x00]+)/)
+    mver = resp.match(/IVERSION\x00([^\x00]+)/n)
     info['Version'] = mver[1] if mver
 
     # Store the hostname information
-    mver = resp.match(/ISERVNAME\x00([^\x00]+)/)
+    mver = resp.match(/ISERVNAME\x00([^\x00]+)/n)
     info['Hostname'] = mver[1] if mver
 
     # Begin the ARKADMIN_GET_MACHINE_INFO request
@@ -182,7 +182,7 @@ def arkeia_info
 
     # Finally, parse out and store all the parameters
     resp.split("TPVALUE\x00").each { |x|
-      minf = x.match(/^([^\x00]+)\x00PNAME\x00([^\x00]+)/)
+      minf = x.match(/^([^\x00]+)\x00PNAME\x00([^\x00]+)/n)
       if (minf)
         info[ minf[2] ] = minf[1]
       end

lib/msf/core/exploit/http/client.rb

@@ -463,8 +463,8 @@ def http_fingerprint(opts={})
     end
 
     if datastore['RPORT'].to_i == 3790
-      if res.code == 302 and res.headers and res.headers['Location'] =~ /[\x5c\x2f](login|setup)$/
-        if res['Server'] =~ /^(thin.*No Hup)|(nginx[\x5c\x2f][\d\.]+)$/
+      if res.code == 302 and res.headers and res.headers['Location'] =~ /[\x5c\x2f](login|setup)$/n
+        if res['Server'] =~ /^(thin.*No Hup)|(nginx[\x5c\x2f][\d\.]+)$/n
           extras << "Metasploit"
         end
       end

lib/msf/core/exploit/mysql.rb

@@ -110,9 +110,9 @@ def mysql_get_plugin_dir
     end
 
     if plugin_res.respond_to? :split
-      target_path = plugin_res.split(/[\x5c\x2f]+/).join("/") << "/"
+      target_path = plugin_res.split(/[\x5c\x2f]+/n).join("/") << "/"
     elsif base_res.respond_to? :split
-      target_path = base_res.split(/[\x5c\x2f]+/).join("/") << "/bin/"
+      target_path = base_res.split(/[\x5c\x2f]+/n).join("/") << "/bin/"
     else
       print_error "Cannot determine the plugin directory."
       return false
@@ -123,7 +123,7 @@ def mysql_get_temp_dir
     print_status "Checking for temp directory..."
     res = mysql_get_variable("@@tmpdir")
     if res.respond_to? :split
-      target_path = res.split(/[\x5c\x2f]+/).join("/") << "/"
+      target_path = res.split(/[\x5c\x2f]+/n).join("/") << "/"
     else
       print_error "Cannot determine the temp directory, exiting."
       return false

lib/msf/core/exploit/realport.rb

@@ -195,7 +195,7 @@ def realport_open(port=0, baud='9600')
     # Send negotiate request
     sock.put(pkt2)
     res = sock.get_once(-1, 5)
-    if res.to_s =~ /^\xff/
+    if res.to_s =~ /^\xff/n
       vprint_status("#{target_host}:#{rport} Port:#{port} is closed: #{res.inspect}")
       return :closed
     end
@@ -221,7 +221,7 @@ def realport_open(port=0, baud='9600')
     sock.put(pkt3)
     res = sock.get_once(-1, 5)
 
-    if res.to_s =~ /^\xff/
+    if res.to_s =~ /^\xff/n
       vprint_status("#{target_host}:#{rport} Port:#{port} is closed: #{res.inspect}")
       return :closed
     end

lib/msf/core/exploit/smb.rb

@@ -645,7 +645,7 @@ def smb_fingerprint
               buff << "   FP: #{line}\n"
             end
 
-            prov.split(/\x00\x00+/).each do |line|
+            prov.split(/\x00\x00+/n).each do |line|
               line.gsub!("\x00",'')
               line.strip!
               next if line.length < 6
@@ -755,8 +755,8 @@ def smb_recv(c)
       if (pkt_nbs.v['Type'] == 0x81)
         # Accept any name they happen to send
 
-        host_dst = UTILS.nbname_decode(pkt_nbs.v['Payload'][1,32]).gsub(/[\x00\x20]+$/, '')
-        host_src = UTILS.nbname_decode(pkt_nbs.v['Payload'][35,32]).gsub(/[\x00\x20]+$/, '')
+        host_dst = UTILS.nbname_decode(pkt_nbs.v['Payload'][1,32]).gsub(/[\x00\x20]+$/n, '')
+        host_src = UTILS.nbname_decode(pkt_nbs.v['Payload'][35,32]).gsub(/[\x00\x20]+$/n, '')
 
         smb[:nbdst] = host_dst
         smb[:nbsrc] = host_src

lib/msf/core/payload.rb

@@ -336,9 +336,9 @@ def substitute_vars(raw, offsets)
           # Check to see if the value is a hex string.  If so, convert
           # it.
           if val.kind_of?(String)
-            if val =~ /^\\x/
-              val = [ val.gsub(/\\x/, '') ].pack("H*").unpack(pack)[0]
-            elsif val =~ /^0x/
+            if val =~ /^\\x/n
+              val = [ val.gsub(/\\x/n, '') ].pack("H*").unpack(pack)[0]
+            elsif val =~ /^0x/n
               val = val.hex
             end
           end

lib/rbmysql.rb

@@ -280,7 +280,7 @@ def prepare(str, &block)
   # In Ruby 1.8, this is not safe for multibyte charset such as 'SJIS'.
   # You should use place-holder in prepared-statement.
   def escape_string(str)
-    str.gsub(/[\0\n\r\\\'\"\x1a]/) do |s|
+    str.gsub(/[\0\n\r\\\'\"\x1a]/n) do |s|
       case s
       when "\0" then "\\0"
       when "\n" then "\\n"

lib/rbmysql/compat.rb

@@ -32,7 +32,7 @@ def client_info
     alias get_client_info client_info
 
     def escape_string(str)
-      str.gsub(/[\0\n\r\\\'\"\x1a]/) do |s|
+      str.gsub(/[\0\n\r\\\'\"\x1a]/n) do |s|
         case s
         when "\0" then "\\0"
         when "\n" then "\\n"

lib/rbreadline.rb

@@ -5272,7 +5272,7 @@ def _rl_current_display_line()
    # Actually update the display, period.
    def rl_forced_update_display()
       if (@visible_line)
-         @visible_line.gsub!(/[^\x00]/,0.chr)
+         @visible_line.gsub!(/[^\x00]/n,0.chr)
       end
       rl_on_new_line()
       @forced_display=true if !@forced_display
@@ -8520,7 +8520,7 @@ def _rl_find_next_mbchar(string, seed, count, flags)
          count -= 1
       end
 
-      str = (flags == MB_FIND_NONZERO) ? string.sub(/\x00+$/,'') : string
+      str = (flags == MB_FIND_NONZERO) ? string.sub(/\x00+$/n,'') : string
 
       case @encoding
       when 'E'

lib/rex/parser/burp_session_nokogiri.rb

@@ -116,7 +116,7 @@ def collect_path_and_query
       if query
         @state[:query] = "?#{query}" # Can be nil
       end
-      if path =~ /https?:[\x5c\x2f][\x5c\x2f]+[^\x5c\x2f][^\x5c\x2f]+([^?]+)/
+      if path =~ /https?:[\x5c\x2f][\x5c\x2f]+[^\x5c\x2f][^\x5c\x2f]+([^?]+)/n
         real_path = "/#{$1}"
       else
         real_path = path

lib/rex/parser/mbsa_nokogiri.rb

@@ -176,7 +176,7 @@ def collect_os_name
           :os_family => os_family,
           :os_version => os_version,
           :os_accuracy => 100,
-          :os_match => os_info.gsub(/\x2e$/,"")
+          :os_match => os_info.gsub(/\x2e$/n,"")
         }
       end
     end