From f6d5fbfc50540e73658016bfb638fe4d13cfa794 Mon Sep 17 00:00:00 2001
From: esheri3
Date: Mon, 22 Jan 2007 18:33:50 +0000
Subject: [PATCH] I was getting an empty string and a ".svn" file in the "Help File" drop-down box. Modified parseResults() to ensure that the file is not an empty string and the file ends with ".help"
git-svn-id: http://webgoat.googlecode.com/svn/trunk@65 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../webgoat/lessons/CommandInjection.java | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
index 75a79cd81..c4506dd88 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
@@ -4,6 +4,7 @@ import java.io.File;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.StringTokenizer;
 import org.apache.ecs.Element;
 import org.apache.ecs.ElementContainer;
@@ -216,8 +217,21 @@ public class CommandInjection extends LessonAdapter
 private String parseResults(String results)
 {
- return results.replaceAll("(?s).*Output...\\s", "").replaceAll(
- "(?s)Returncode.*", "");
+ results.replaceAll("(?s).*Output...\\s", "").replaceAll("(?s)Returncode.*", "");
+ StringTokenizer st = new StringTokenizer(results, "\n");
+ StringBuffer modified = new StringBuffer();
+
+ while(st.hasMoreTokens())
+ {
+ String s = (String)st.nextToken().trim();
+
+ if(s.length() > 0 && s.endsWith(".help"))
+ {
+ modified.append(s + "\n");
+ }
+ }
+
+ return modified.toString();
 }
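Review bot: The first added statement in parseResults() throws its result away, because `String.replaceAll` returns a new string and `results` is never reassigned, so the tokenizer that follows still walks the complete raw command output. Assign it back: `results = results.replaceAll("(?s).*Output...\\s", "").replaceAll("(?s)Returncode.*", "");`. The `.help` suffix test hides the problem for ordinary listings, but any line in the unstripped portion that happens to end in `.help` would now be offered in the drop-down. The `(String)` cast on `nextToken()` and the `s.length() > 0` test are both redundant, since `nextToken()` already returns a `String` and `endsWith(".help")` cannot match an empty string.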