consider protocolType in max host error (projectdiscovery#5668)

tarunKoyalwar · web-flow · commit 1f945d6d505a · 2024-09-28T18:50:35.000+05:30
* consider protocolType in max host error

* add mutex when updating internal-event
diff --git a/pkg/core/executors.go b/pkg/core/executors.go
@@ -107,7 +107,7 @@ func (e *Engine) executeTemplateWithTargets(ctx context.Context, template *templ
 		currentInfo.Unlock()
 
 		// Skip if the host has had errors
-		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(contextargs.NewWithMetaInput(ctx, scannedValue)) {
+		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(e.executerOpts.ProtocolType.String(), contextargs.NewWithMetaInput(ctx, scannedValue)) {
 			return true
 		}
 
diff --git a/pkg/core/workflow_execute.go b/pkg/core/workflow_execute.go
@@ -98,7 +98,7 @@ func (e *Engine) runWorkflowStep(template *workflows.WorkflowTemplate, ctx *scan
 			}
 			if err != nil {
 				if w.Options.HostErrorsCache != nil {
-					w.Options.HostErrorsCache.MarkFailed(ctx.Input, err)
+					w.Options.HostErrorsCache.MarkFailed(w.Options.ProtocolType.String(), ctx.Input, err)
 				}
 				if len(template.Executers) == 1 {
 					mainErr = err
diff --git a/pkg/protocols/common/hosterrorscache/hosterrorscache.go b/pkg/protocols/common/hosterrorscache/hosterrorscache.go
@@ -20,10 +20,10 @@ import (
 // CacheInterface defines the signature of the hosterrorscache so that
 // users of Nuclei as embedded lib may implement their own cache
 type CacheInterface interface {
-	SetVerbose(verbose bool)                        // log verbosely
-	Close()                                         // close the cache
-	Check(ctx *contextargs.Context) bool            // return true if the host should be skipped
-	MarkFailed(ctx *contextargs.Context, err error) // record a failure (and cause) for the host
+	SetVerbose(verbose bool)                                          // log verbosely
+	Close()                                                           // close the cache
+	Check(protoType string, ctx *contextargs.Context) bool            // return true if the host should be skipped
+	MarkFailed(protoType string, ctx *contextargs.Context, err error) // record a failure (and cause) for the host
 }
 
 var (
@@ -115,7 +115,7 @@ func (c *Cache) NormalizeCacheValue(value string) string {
 //   - URL: https?:// type
 //   - Host:port type
 //   - host type
-func (c *Cache) Check(ctx *contextargs.Context) bool {
+func (c *Cache) Check(protoType string, ctx *contextargs.Context) bool {
 	finalValue := c.GetKeyFromContext(ctx, nil)
 
 	existingCacheItem, err := c.failedTargets.GetIFPresent(finalValue)
@@ -138,8 +138,8 @@ func (c *Cache) Check(ctx *contextargs.Context) bool {
 }
 
 // MarkFailed marks a host as failed previously
-func (c *Cache) MarkFailed(ctx *contextargs.Context, err error) {
-	if !c.checkError(err) {
+func (c *Cache) MarkFailed(protoType string, ctx *contextargs.Context, err error) {
+	if !c.checkError(protoType, err) {
 		return
 	}
 	finalValue := c.GetKeyFromContext(ctx, err)
@@ -186,11 +186,13 @@ var reCheckError = regexp.MustCompile(`(no address found for host|could not reso
 // added to the host skipping table.
 // it first parses error and extracts the cause and checks for blacklisted
 // or common errors that should be skipped
-func (c *Cache) checkError(err error) bool {
+func (c *Cache) checkError(protoType string, err error) bool {
 	if err == nil {
 		return false
 	}
-
+	if protoType != "http" {
+		return false
+	}
 	kind := errkit.GetErrorKind(err, nucleierr.ErrTemplateLogic)
 	switch kind {
 	case nucleierr.ErrTemplateLogic:
diff --git a/pkg/protocols/common/hosterrorscache/hosterrorscache_test.go b/pkg/protocols/common/hosterrorscache/hosterrorscache_test.go
@@ -11,12 +11,16 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
+const (
+	protoType = "http"
+)
+
 func TestCacheCheck(t *testing.T) {
 	cache := New(3, DefaultMaxHostsCount, nil)
 
 	for i := 0; i < 100; i++ {
-		cache.MarkFailed(newCtxArgs("test"), fmt.Errorf("could not resolve host"))
-		got := cache.Check(newCtxArgs("test"))
+		cache.MarkFailed(protoType, newCtxArgs("test"), fmt.Errorf("could not resolve host"))
+		got := cache.Check(protoType, newCtxArgs("test"))
 		if i < 2 {
 			// till 3 the host is not flagged to skip
 			require.False(t, got)
@@ -26,16 +30,16 @@ func TestCacheCheck(t *testing.T) {
 		}
 	}
 
-	value := cache.Check(newCtxArgs("test"))
+	value := cache.Check(protoType, newCtxArgs("test"))
 	require.Equal(t, true, value, "could not get checked value")
 }
 
 func TestTrackErrors(t *testing.T) {
 	cache := New(3, DefaultMaxHostsCount, []string{"custom error"})
 
 	for i := 0; i < 100; i++ {
-		cache.MarkFailed(newCtxArgs("custom"), fmt.Errorf("got: nested: custom error"))
-		got := cache.Check(newCtxArgs("custom"))
+		cache.MarkFailed(protoType, newCtxArgs("custom"), fmt.Errorf("got: nested: custom error"))
+		got := cache.Check(protoType, newCtxArgs("custom"))
 		if i < 2 {
 			// till 3 the host is not flagged to skip
 			require.False(t, got)
@@ -44,7 +48,7 @@ func TestTrackErrors(t *testing.T) {
 			require.True(t, got)
 		}
 	}
-	value := cache.Check(newCtxArgs("custom"))
+	value := cache.Check(protoType, newCtxArgs("custom"))
 	require.Equal(t, true, value, "could not get checked value")
 }
 
@@ -86,7 +90,7 @@ func TestCacheMarkFailed(t *testing.T) {
 
 	for _, test := range tests {
 		normalizedCacheValue := cache.GetKeyFromContext(newCtxArgs(test.host), nil)
-		cache.MarkFailed(newCtxArgs(test.host), fmt.Errorf("no address found for host"))
+		cache.MarkFailed(protoType, newCtxArgs(test.host), fmt.Errorf("no address found for host"))
 		failedTarget, err := cache.failedTargets.Get(normalizedCacheValue)
 		require.Nil(t, err)
 		require.NotNil(t, failedTarget)
@@ -122,14 +126,14 @@ func TestCacheMarkFailedConcurrent(t *testing.T) {
 			wg.Add(1)
 			go func() {
 				defer wg.Done()
-				cache.MarkFailed(newCtxArgs(currentTest.host), fmt.Errorf("could not resolve host"))
+				cache.MarkFailed(protoType, newCtxArgs(currentTest.host), fmt.Errorf("could not resolve host"))
 			}()
 		}
 	}
 	wg.Wait()
 
 	for _, test := range tests {
-		require.True(t, cache.Check(newCtxArgs(test.host)))
+		require.True(t, cache.Check(protoType, newCtxArgs(test.host)))
 
 		normalizedCacheValue := cache.NormalizeCacheValue(test.host)
 		failedTarget, err := cache.failedTargets.Get(normalizedCacheValue)
diff --git a/pkg/protocols/http/request.go b/pkg/protocols/http/request.go
@@ -1177,14 +1177,14 @@ func (request *Request) markUnresponsiveAddress(input *contextargs.Context, err
 		return
 	}
 	if request.options.HostErrorsCache != nil {
-		request.options.HostErrorsCache.MarkFailed(input, err)
+		request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, err)
 	}
 }
 
 // isUnresponsiveAddress checks if the error is a unreponsive based on its execution history
 func (request *Request) isUnresponsiveAddress(input *contextargs.Context) bool {
 	if request.options.HostErrorsCache != nil {
-		return request.options.HostErrorsCache.Check(input)
+		return request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input)
 	}
 	return false
 }
diff --git a/pkg/protocols/http/request_fuzz.go b/pkg/protocols/http/request_fuzz.go
@@ -161,7 +161,7 @@ func (request *Request) executeAllFuzzingRules(input *contextargs.Context, value
 func (request *Request) executeGeneratedFuzzingRequest(gr fuzz.GeneratedRequest, input *contextargs.Context, callback protocols.OutputEventCallback) bool {
 	hasInteractMatchers := interactsh.HasMatchers(request.CompiledOperators)
 	hasInteractMarkers := len(gr.InteractURLs) > 0
-	if request.options.HostErrorsCache != nil && request.options.HostErrorsCache.Check(input) {
+	if request.options.HostErrorsCache != nil && request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input) {
 		return false
 	}
 	request.options.RateLimitTake()
@@ -215,7 +215,7 @@ func (request *Request) executeGeneratedFuzzingRequest(gr fuzz.GeneratedRequest,
 	}
 	if requestErr != nil {
 		if request.options.HostErrorsCache != nil {
-			request.options.HostErrorsCache.MarkFailed(input, requestErr)
+			request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, requestErr)
 		}
 		gologger.Verbose().Msgf("[%s] Error occurred in request: %s\n", request.options.TemplateID, requestErr)
 	}
diff --git a/pkg/protocols/network/request.go b/pkg/protocols/network/request.go
@@ -504,14 +504,14 @@ func (request *Request) markUnresponsiveAddress(input *contextargs.Context, err
 		return
 	}
 	if request.options.HostErrorsCache != nil {
-		request.options.HostErrorsCache.MarkFailed(input, err)
+		request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, err)
 	}
 }
 
 // isUnresponsiveAddress checks if the error is a unreponsive based on its execution history
 func (request *Request) isUnresponsiveAddress(input *contextargs.Context) bool {
 	if request.options.HostErrorsCache != nil {
-		return request.options.HostErrorsCache.Check(input)
+		return request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input)
 	}
 	return false
 }
diff --git a/pkg/templates/cluster.go b/pkg/templates/cluster.go
@@ -274,7 +274,7 @@ func (e *ClusterExecuter) Execute(ctx *scan.ScanContext) (bool, error) {
 		}
 	})
 	if err != nil && e.options.HostErrorsCache != nil {
-		e.options.HostErrorsCache.MarkFailed(ctx.Input, err)
+		e.options.HostErrorsCache.MarkFailed(e.options.ProtocolType.String(), ctx.Input, err)
 	}
 	return results, err
 }
@@ -310,7 +310,7 @@ func (e *ClusterExecuter) ExecuteWithResults(ctx *scan.ScanContext) ([]*output.R
 	}
 
 	if err != nil && e.options.HostErrorsCache != nil {
-		e.options.HostErrorsCache.MarkFailed(ctx.Input, err)
+		e.options.HostErrorsCache.MarkFailed(e.options.ProtocolType.String(), ctx.Input, err)
 	}
 	return scanCtx.GenerateResult(), err
 }
diff --git a/pkg/tmplexec/exec.go b/pkg/tmplexec/exec.go
@@ -206,7 +206,9 @@ func (e *TemplateExecuter) Execute(ctx *scan.ScanContext) (bool, error) {
 	ctx.LogError(errx)
 
 	if lastMatcherEvent != nil {
+		lastMatcherEvent.Lock()
 		lastMatcherEvent.InternalEvent["error"] = getErrorCause(ctx.GenerateErrorMessage())
+		lastMatcherEvent.Unlock()
 		writeFailureCallback(lastMatcherEvent, e.options.Options.MatcherStatus)
 	}
 
diff --git a/pkg/tmplexec/generic/exec.go b/pkg/tmplexec/generic/exec.go
@@ -85,7 +85,7 @@ func (g *Generic) ExecuteWithResults(ctx *scan.ScanContext) error {
 		if err != nil {
 			ctx.LogError(err)
 			if g.options.HostErrorsCache != nil {
-				g.options.HostErrorsCache.MarkFailed(ctx.Input, err)
+				g.options.HostErrorsCache.MarkFailed(g.options.ProtocolType.String(), ctx.Input, err)
 			}
 			gologger.Warning().Msgf("[%s] Could not execute request for %s: %s\n", g.options.TemplateID, ctx.Input.MetaInput.PrettyPrint(), err)
 		}

Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@ func (e Engine) executeTemplateWithTargets(ctx context.Context, template templ`
`107`	`107`	`currentInfo.Unlock()`
`108`	`108`
`109`	`109`	`// Skip if the host has had errors`
`110`		`- if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(contextargs.NewWithMetaInput(ctx, scannedValue)) {`
	`110`	`+ if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(e.executerOpts.ProtocolType.String(), contextargs.NewWithMetaInput(ctx, scannedValue)) {`
`111`	`111`	`return true`
`112`	`112`	`}`
`113`	`113`
Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ func (e Engine) runWorkflowStep(template workflows.WorkflowTemplate, ctx *scan`
`98`	`98`	`}`
`99`	`99`	`if err != nil {`
`100`	`100`	`if w.Options.HostErrorsCache != nil {`
`101`		`- w.Options.HostErrorsCache.MarkFailed(ctx.Input, err)`
	`101`	`+ w.Options.HostErrorsCache.MarkFailed(w.Options.ProtocolType.String(), ctx.Input, err)`
`102`	`102`	`}`
`103`	`103`	`if len(template.Executers) == 1 {`
`104`	`104`	`mainErr = err`
Original file line number	Diff line number	Diff line change
`@@ -1177,14 +1177,14 @@ func (request Request) markUnresponsiveAddress(input contextargs.Context, err`
`1177`	`1177`	`return`
`1178`	`1178`	`}`
`1179`	`1179`	`if request.options.HostErrorsCache != nil {`
`1180`		`- request.options.HostErrorsCache.MarkFailed(input, err)`
	`1180`	`+ request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, err)`
`1181`	`1181`	`}`
`1182`	`1182`	`}`
`1183`	`1183`
`1184`	`1184`	`// isUnresponsiveAddress checks if the error is a unreponsive based on its execution history`
`1185`	`1185`	`func (request Request) isUnresponsiveAddress(input contextargs.Context) bool {`
`1186`	`1186`	`if request.options.HostErrorsCache != nil {`
`1187`		`- return request.options.HostErrorsCache.Check(input)`
	`1187`	`+ return request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input)`
`1188`	`1188`	`}`
`1189`	`1189`	`return false`
`1190`	`1190`	`}`
Original file line number	Diff line number	Diff line change
`@@ -161,7 +161,7 @@ func (request Request) executeAllFuzzingRules(input contextargs.Context, value`
`161`	`161`	`func (request Request) executeGeneratedFuzzingRequest(gr fuzz.GeneratedRequest, input contextargs.Context, callback protocols.OutputEventCallback) bool {`
`162`	`162`	`hasInteractMatchers := interactsh.HasMatchers(request.CompiledOperators)`
`163`	`163`	`hasInteractMarkers := len(gr.InteractURLs) > 0`
`164`		`- if request.options.HostErrorsCache != nil && request.options.HostErrorsCache.Check(input) {`
	`164`	`+ if request.options.HostErrorsCache != nil && request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input) {`
`165`	`165`	`return false`
`166`	`166`	`}`
`167`	`167`	`request.options.RateLimitTake()`
`@@ -215,7 +215,7 @@ func (request *Request) executeGeneratedFuzzingRequest(gr fuzz.GeneratedRequest,`
`215`	`215`	`}`
`216`	`216`	`if requestErr != nil {`
`217`	`217`	`if request.options.HostErrorsCache != nil {`
`218`		`- request.options.HostErrorsCache.MarkFailed(input, requestErr)`
	`218`	`+ request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, requestErr)`
`219`	`219`	`}`
`220`	`220`	`gologger.Verbose().Msgf("[%s] Error occurred in request: %s\n", request.options.TemplateID, requestErr)`
`221`	`221`	`}`
Original file line number	Diff line number	Diff line change
`@@ -504,14 +504,14 @@ func (request Request) markUnresponsiveAddress(input contextargs.Context, err`
`504`	`504`	`return`
`505`	`505`	`}`
`506`	`506`	`if request.options.HostErrorsCache != nil {`
`507`		`- request.options.HostErrorsCache.MarkFailed(input, err)`
	`507`	`+ request.options.HostErrorsCache.MarkFailed(request.options.ProtocolType.String(), input, err)`
`508`	`508`	`}`
`509`	`509`	`}`
`510`	`510`
`511`	`511`	`// isUnresponsiveAddress checks if the error is a unreponsive based on its execution history`
`512`	`512`	`func (request Request) isUnresponsiveAddress(input contextargs.Context) bool {`
`513`	`513`	`if request.options.HostErrorsCache != nil {`
`514`		`- return request.options.HostErrorsCache.Check(input)`
	`514`	`+ return request.options.HostErrorsCache.Check(request.options.ProtocolType.String(), input)`
`515`	`515`	`}`
`516`	`516`	`return false`
`517`	`517`	`}`
Original file line number	Diff line number	Diff line change
`@@ -274,7 +274,7 @@ func (e ClusterExecuter) Execute(ctx scan.ScanContext) (bool, error) {`
`274`	`274`	`}`
`275`	`275`	`})`
`276`	`276`	`if err != nil && e.options.HostErrorsCache != nil {`
`277`		`- e.options.HostErrorsCache.MarkFailed(ctx.Input, err)`
	`277`	`+ e.options.HostErrorsCache.MarkFailed(e.options.ProtocolType.String(), ctx.Input, err)`
`278`	`278`	`}`
`279`	`279`	`return results, err`
`280`	`280`	`}`
`@@ -310,7 +310,7 @@ func (e ClusterExecuter) ExecuteWithResults(ctx scan.ScanContext) ([]*output.R`
`310`	`310`	`}`
`311`	`311`
`312`	`312`	`if err != nil && e.options.HostErrorsCache != nil {`
`313`		`- e.options.HostErrorsCache.MarkFailed(ctx.Input, err)`
	`313`	`+ e.options.HostErrorsCache.MarkFailed(e.options.ProtocolType.String(), ctx.Input, err)`
`314`	`314`	`}`
`315`	`315`	`return scanCtx.GenerateResult(), err`
`316`	`316`	`}`
Original file line number	Diff line number	Diff line change
`@@ -206,7 +206,9 @@ func (e TemplateExecuter) Execute(ctx scan.ScanContext) (bool, error) {`
`206`	`206`	`ctx.LogError(errx)`
`207`	`207`
`208`	`208`	`if lastMatcherEvent != nil {`
	`209`	`+ lastMatcherEvent.Lock()`
`209`	`210`	`lastMatcherEvent.InternalEvent["error"] = getErrorCause(ctx.GenerateErrorMessage())`
	`211`	`+ lastMatcherEvent.Unlock()`
`210`	`212`	`writeFailureCallback(lastMatcherEvent, e.options.Options.MatcherStatus)`
`211`	`213`	`}`
`212`	`214`
Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,7 @@ func (g Generic) ExecuteWithResults(ctx scan.ScanContext) error {`
`85`	`85`	`if err != nil {`
`86`	`86`	`ctx.LogError(err)`
`87`	`87`	`if g.options.HostErrorsCache != nil {`
`88`		`- g.options.HostErrorsCache.MarkFailed(ctx.Input, err)`
	`88`	`+ g.options.HostErrorsCache.MarkFailed(g.options.ProtocolType.String(), ctx.Input, err)`
`89`	`89`	`}`
`90`	`90`	`gologger.Warning().Msgf("[%s] Could not execute request for %s: %s\n", g.options.TemplateID, ctx.Input.MetaInput.PrettyPrint(), err)`
`91`	`91`	`}`