From 520d62a3f9474529c0e8c4b42a79f862fed28bb6 Mon Sep 17 00:00:00 2001
From: antisnatchor
Date: Wed, 29 Jul 2015 10:59:27 +0200
Subject: [PATCH] Reduced browser/os_version max length to 15 chars.
---
 core/main/autorun_engine/engine.rb | 4 ++--
 core/main/autorun_engine/models/rule.rb | 4 ++--
 core/main/autorun_engine/parser.rb | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/core/main/autorun_engine/engine.rb b/core/main/autorun_engine/engine.rb
index b853c8ef1..ec108e45d 100644
--- a/core/main/autorun_engine/engine.rb
+++ b/core/main/autorun_engine/engine.rb
@@ -410,13 +410,13 @@ module BeEF
 # don't be scared at the next eval() calls :-) we need to dynamically produce boolean conditions
 # for version matching, for instance 7 >= 10, as in browser_version >= rule.browser_version.
 #
- # Every rule is first parsed with AutorunEngine::Parser (both loading from file, or via RESTful API).
+ # Every rule is first parsed with AutorunEngine::Parser.parse (both loading from file, or via RESTful API).
 # This class implements various checks to ensure that input is strictly validated.
 # see the following filters:
 # BeEF::Filters::is_valid_browserversion? (make sure it's only integer/float/ALL/UNKNOWN)
 #
 # BeEF::Filters::is_valid_osversion? (make sure only 'a-zA-Z0-9.<=> ' are allowed).
- # Length is also checked (maximum 25 characters), as well as additional checks
+ # Length is also checked (maximum MAX_VER_LEN characters), as well as additional checks
 # on where special characters like <=> are placed.
 # check if the browser version match
diff --git a/core/main/autorun_engine/models/rule.rb b/core/main/autorun_engine/models/rule.rb
index cd2a2c50d..07119f8d4 100644
--- a/core/main/autorun_engine/models/rule.rb
+++ b/core/main/autorun_engine/models/rule.rb
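Review bot: The rewritten comment in engine.rb still presents load-time parsing as the only safeguard for the eval() calls that follow, and the length bound it now names is not what makes those calls safe; the character and operator-placement filters are. The eval() site is outside this hunk, so whether it re-validates is not visible, but a rule row that reached the database by any path other than Parser.parse would be evaluated unchecked. Consider re-running `BeEF::Filters::is_valid_browserversion?` and `BeEF::Filters::is_valid_osversion?` on the stored value immediately before each eval(). The comment could also qualify the constant as `AutorunEngine::Parser::MAX_VER_LEN` so a reader can find where the bound is defined.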
@@ -18,9 +18,9 @@ module BeEF
 property :name, Text # rule name
 property :author, String # rule author
 property :browser, String, :length => 10 # browser name
- property :browser_version, String, :length => 25 # browser version
+ property :browser_version, String, :length => 15 # browser version
 property :os, String, :length => 10 # OS name
- property :os_version, String, :length => 25 # OS version
+ property :os_version, String, :length => 15 # OS version
 property :modules, Text # JSON stringyfied representation of the JSON rule for further parsing
 property :execution_order, Text # command module execution order
 property :execution_delay, Text # command module time delays
diff --git a/core/main/autorun_engine/parser.rb b/core/main/autorun_engine/parser.rb
index 17ea5c9ae..163b16a66 100644
--- a/core/main/autorun_engine/parser.rb
+++ b/core/main/autorun_engine/parser.rb
@@ -19,7 +19,7 @@ module BeEF
 OS = ['Linux','Windows','OSX','Android','iOS','BlackBerry','ALL']
 VERSION = ['<','<=','==','>=','>','ALL','Vista','XP']
 CHAIN_MODE = ['sequential','nested-forward']
- MAX_VER_LEN = 25
+ MAX_VER_LEN = 15
 # Parse a JSON ARE file and returns an Hash with the value mappings
 def parse(name,author,browser, browser_version, os, os_version, modules, exec_order, exec_delay, chain_mode)
 begin
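Review bot: In models/rule.rb the new limit is written as the literal `15` on both `browser_version` and `os_version`, while the parser.rb hunk sets the same bound through `MAX_VER_LEN = 15`, so the column length and the parser check can drift apart the next time either is changed. Deriving the column length from the parser constant, e.g. `property :os_version, String, :length => Parser::MAX_VER_LEN` (exact namespace and load order to be confirmed, neither is visible here), would keep a single source of truth for a value that guards input later passed to eval(). Rows stored under the previous 25-character limit are not addressed by this commit; it is worth checking whether existing databases need a migration or whether longer stored values are still accepted at match time. The model body continues outside the hunk.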