local_exploit_suggester: malformed module metadata should not crash local_exploit_suggester

[bcoles]

Local Exploit Suggester should not crash when it encounters malformed modules. Instead, a suitable error should be displayed.

Sometimes we overlook things during module development. msftidy does not always catch problems.

Local Exploit Suggester has frequently been the victim of gaps in quality control and often lags behind when it comes to changes to module design practices.

For example, modules with a malformed module arch can crash Local Exploit Suggester. See #20609.

A nil check prior to calling is_module_arch? may help:

metasploit-framework/modules/post/multi/recon/local_exploit_suggester.rb

Lines 59 to 62 in 55bb277

	def is_module_arch?(mod)
	mod_arch = mod.target.arch || mod.arch
	mod_arch.include?(session_arch)
	end

[Admin9961]

Hi bcoles, I have created a report ticket about this module right now. The severity is critical, let me know if you can replicate it.

[bcoles]

Hi bcoles, I have created a report ticket about this module right now. The severity is critical, let me know if you can replicate it.

A patch for #20609 is available in #20611. Temporary workaround: set ValidateArch false.