Search code examples
rubyrescue

Invalid next compile error

I have a method that scans a URL for a website that contains an error:

def begin_vulnerability_check
  info("Checking if sites are vulnerable.")
  IO.read("#{PATH}/temp/SQL_sites_to_check.txt").each_line do |parse|
    Timeout::timeout(10) do
      parsing = Nokogiri::HTML(RestClient.get("#{parse.chomp}"))
      info("Parsing page for SQL syntax error: #{parse.chomp}")
      if parsing.css('html')[0].to_s[/You have an error in your SQL syntax/]
        successful = parse
        success("URL: #{parse.chomp} returned SQL syntax error, dumped to SQL_VULN.txt")
        File.open("#{PATH}/lib/SQL_VULN.txt", "a+"){|s| s.puts(parse)}
        sleep(1)
      else
        err("URL: #{parse.chomp} returned and error, dumped to non_exploitable.txt")
        File.open("#{PATH}/lib/non_exploitable.txt", "a+"){|s| s.puts(parse)}
        sleep(1)
      end
    end
  end
end

During testing I'm scanning through this list of URLs:

http://www.bible.com/subcat.php?id=2'
http://www.cidko.com/pro_con.php?id=3'
http://www.slavsandtars.com/about.php?id=25'
http://www.police.gov/content.php?id=275'
http://www.icdprague.org/index.php?id=10'
http://huawei.com/en/plugin.php?id=hwdownload'
https://huawei.com/en/plugin.php?id=unlock'
https://facebook.com/profile.php?id'
http://www.footballclub.com.au/index.php?id=43'
http://www.mesrs.gouv/index.php?id=1525'

I also have a rescue block that is suppose to catch the exception Timeout::Error and move to the next URL in the list:

begin
  begin_vulnerability_check
rescue Timeout::Error
   if Timeout::Error 
     warn("Page timed out, this is usually cause by the page returning a white page, or being non-existent, skipping.")
     next
  end
end

However while attempting to run this program, I get the following error:

whitewidow.rb:130: Invalid next
whitewidow.rb: compile error (SyntaxError)

Line 130:

rescue Timeout::Error
   if Timeout::Error 
     warn("Page timed out, this is usually cause by the page returning a white page, or being non-existent, skipping.")
     next #<= HERE
  end
end

My question being, am I using the next in the wrong sense? It seems to me like next would be, if this happens go to the next line, am I wrong for thinking like that? How can I refactor this to work?

Solution

  • You can use next to return from a block. You cannot use it outside a block like you're trying to do.

    But you don't even need next, because when you rescue the timeout error the iteration will automatically continue with the next line. You just have to move the rescue inside the each_line iteration.

    Your code should be something like this:

    def begin_vulnerability_check
  IO.read("#{PATH}/temp/SQL_sites_to_check.txt").each_line do |parse|
    begin
      Timeout::timeout(10) do
        ...
      end
    rescue Timeout::Error
      # Will automatically continue with next line after this
    end
  end
end