From 8b6b8d0f2eb25de3d1263c258bc28721d4b8ce1d Mon Sep 17 00:00:00 2001
From: sadayuki-matsuno
Date: Sat, 30 Jan 2021 09:53:41 +0900
Subject: [PATCH] feat(wordpress): define API limit exceed error for wpscan.com (#1155)
* feat(wordpress) specify wp err
* fix typo, chagne const name
Co-authored-by: Kota Kanbe
---
 errof/errof.go | 3 +++
 wordpress/wordpress.go | 18 +++++++++++-------
 2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/errof/errof.go b/errof/errof.go
index 7d5bf2dc..9cefa705 100644
--- a/errof/errof.go
+++ b/errof/errof.go
@@ -19,6 +19,9 @@ var (
 // ErrFailedToAccessWpScan is error of wpscan.com api access
 ErrFailedToAccessWpScan ErrorCode = "ErrFailedToAccessWpScan"
+
+ // ErrWpScanAPILimitExceeded is error of wpscan.com api limit exceeded
+ ErrWpScanAPILimitExceeded ErrorCode = "ErrWpScanAPILimitExceeded"
 )
 // New :
diff --git a/wordpress/wordpress.go b/wordpress/wordpress.go
index 625639c8..fd7be738 100644
--- a/wordpress/wordpress.go
+++ b/wordpress/wordpress.go
@@ -59,7 +59,8 @@ func DetectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {
 // Core
 ver := strings.Replace(r.WordPressPackages.CoreVersion(), ".", "", -1)
 if ver == "" {
- return 0, xerrors.New("Failed to get WordPress core version")
+ return 0, errof.New(errof.ErrFailedToAccessWpScan,
+ fmt.Sprintf("Failed to get WordPress core version."))
 }
 url := fmt.Sprintf("https://wpscan.com/api/v3/wordpresses/%s", ver)
 wpVinfos, err := wpscan(url, ver, cnf.Token)
@@ -114,8 +115,7 @@ func DetectWordPressCves(r *models.ScanResult, cnf *c.WpScanConf) (int, error) {
 func wpscan(url, name, token string) (vinfos []models.VulnInfo, err error) {
 body, err := httpRequest(url, token)
 if err != nil {
- return nil, errof.New(errof.ErrFailedToAccessWpScan,
- fmt.Sprintf("Failed to access to wpscan.comm. body: %s, err: %s", string(body), err))
+ return nil, err
 }
 if body == "" {
 util.Log.Debugf("wpscan.com response body is empty. URL: %s", url)
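Review bot: The empty-version return in DetectWordPressCves is tagged `errof.ErrFailedToAccessWpScan`, yet on the visible lines it fires before the wpscan.com URL is even built, so a caller branching on the code would report an API access failure for what looks like a local detection problem. A separate error code for this case would keep the two conditions apart. The `fmt.Sprintf` around a constant string with no verbs is also redundant; `errof.New(errof.ErrFailedToAccessWpScan, "Failed to get WordPress core version.")` produces the same message. The function body continues outside the hunk.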
@@ -223,7 +223,8 @@ func httpRequest(url, token string) (string, error) {
 req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
 defer cancel()
 if err != nil {
- return "", err
+ return "", errof.New(errof.ErrFailedToAccessWpScan,
+ fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
 }
 req.Header.Set("Authorization", fmt.Sprintf("Token token=%s", token))
 client, err := util.GetHTTPClient(config.Conf.HTTPProxy)
@@ -232,11 +233,13 @@ func httpRequest(url, token string) (string, error) {
 }
 resp, err := client.Do(req)
 if err != nil {
- return "", err
+ return "", errof.New(errof.ErrFailedToAccessWpScan,
+ fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
 }
 body, err := ioutil.ReadAll(resp.Body)
 if err != nil {
- return "", err
+ return "", errof.New(errof.ErrFailedToAccessWpScan,
+ fmt.Sprintf("Failed to access to wpscan.com. err: %s", err))
 }
 defer resp.Body.Close()
 if resp.StatusCode == 200 {
@@ -245,7 +248,8 @@ func httpRequest(url, token string) (string, error) {
 // This package is not in wpscan
 return "", nil
 } else if resp.StatusCode == 429 {
- return "", xerrors.Errorf("wpscan.com API limit exceeded: %+v", resp.Status)
+ return "", errof.New(errof.ErrWpScanAPILimitExceeded,
+ fmt.Sprintf("wpscan.com API limit exceeded: %+v", resp.Status))
 } else {
 util.Log.Warnf("wpscan.com unknown status code: %+v", resp.Status)
 return "", nil
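Review bot: One error return in httpRequest is probably left without a code: the error branch after `util.GetHTTPClient(config.Conf.HTTPProxy)` sits between this hunk and the next and is not touched by the commit, while the wpscan() hunk drops the outer `ErrFailedToAccessWpScan` wrapper that used to cover every httpRequest failure. If that branch still returns the bare `err`, a proxy misconfiguration now reaches callers uncoded; giving it the same `errof.New(errof.ErrFailedToAccessWpScan, ...)` treatment would restore the earlier behaviour. Separately, formatting `err` with `%s` here and in the two returns of the next hunk flattens the cause into text, so whether callers can still test for a timeout depends on what errof.New keeps, which is not visible on this page.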
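Review bot: `defer resp.Body.Close()` is registered only after the `ioutil.ReadAll` error return, so a failed read leaves the response body open; moving the defer to directly after the `client.Do` error check closes it on every path. `ioutil.ReadAll(resp.Body)` also reads a remote response with no size bound, and reading through `io.LimitReader(resp.Body, maxBody)` (with `maxBody` standing for a cap the project would choose) would keep an oversized reply from exhausting memory. Both lines are context in this hunk, but the commit rewrites the returns around them. httpRequest starts and ends outside the hunk.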
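Review bot: The final `else` branch still returns `"", nil` for every status the earlier branches do not handle, so a rejected token (401/403) or a 5xx from wpscan.com is logged as a warning and then becomes indistinguishable from the "not in wpscan" case just above it, which also returns `"", nil`. For a vulnerability scanner that is a silent false negative. Now that coded errors exist, this branch could return one, e.g. `return "", errof.New(errof.ErrFailedToAccessWpScan, fmt.Sprintf("wpscan.com unexpected status: %s", resp.Status))`. The condition guarding the "not in wpscan" branch and the end of httpRequest are outside the hunk.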