mirror of https://github.com/daffainfo/nuclei.git
Merge pull request #590 from projectdiscovery/bugfix-race-condition-sync
Improvement in race conditiondev
Ice3man
GitHub
commit
b532a5b3e0
|
|
@ -27,31 +27,53 @@ const defaultMaxWorkers = 150
|
|||
|
||||
// executeRaceRequest executes race condition request for a URL
|
||||
func (r *Request) executeRaceRequest(reqURL string, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
|
||||
var requests []*generatedRequest
|
||||
|
||||
// Requests within race condition should be dumped once and the output prefilled to allow DSL language to work
|
||||
// This will introduce a delay and will populate in hacky way the field "request" of outputEvent
|
||||
generator := r.newGenerator()
|
||||
|
||||
maxWorkers := r.RaceNumberRequests
|
||||
swg := sizedwaitgroup.New(maxWorkers)
|
||||
|
||||
var requestErr error
|
||||
mutex := &sync.Mutex{}
|
||||
|
||||
request, err := generator.Make(reqURL, nil)
|
||||
requestForDump, err := generator.Make(reqURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
r.setCustomHeaders(requestForDump)
|
||||
dumpedRequest, err := dump(requestForDump, reqURL)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if r.options.Options.Debug || r.options.Options.DebugRequests {
|
||||
gologger.Info().Msgf("[%s] Dumped HTTP request for %s\n\n", r.options.TemplateID, reqURL)
|
||||
gologger.Print().Msgf("%s", string(dumpedRequest))
|
||||
}
|
||||
previous["request"] = string(dumpedRequest)
|
||||
|
||||
// Pre-Generate requests
|
||||
for i := 0; i < r.RaceNumberRequests; i++ {
|
||||
swg.Add()
|
||||
generator := r.newGenerator()
|
||||
request, err := generator.Make(reqURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
requests = append(requests, request)
|
||||
}
|
||||
|
||||
wg := sync.WaitGroup{}
|
||||
var requestErr error
|
||||
mutex := &sync.Mutex{}
|
||||
for i := 0; i < r.RaceNumberRequests; i++ {
|
||||
wg.Add(1)
|
||||
go func(httpRequest *generatedRequest) {
|
||||
defer wg.Done()
|
||||
err := r.executeRequest(reqURL, httpRequest, previous, callback)
|
||||
mutex.Lock()
|
||||
if err != nil {
|
||||
requestErr = multierr.Append(requestErr, err)
|
||||
}
|
||||
mutex.Unlock()
|
||||
swg.Done()
|
||||
}(request)
|
||||
}(requests[i])
|
||||
}
|
||||
swg.Wait()
|
||||
wg.Wait()
|
||||
|
||||
return requestErr
|
||||
}
|
||||
|
||||
|
|
@ -217,7 +239,7 @@ func (r *Request) executeRequest(reqURL string, request *generatedRequest, previ
|
|||
err error
|
||||
)
|
||||
|
||||
// For race conditions we can't dump the request body at this point as it's already waiting the open-gate event
|
||||
// For race conditions we can't dump the request body at this point as it's already waiting the open-gate event, already handled with a similar code within the race function
|
||||
if !request.original.Race {
|
||||
dumpedRequest, err = dump(request, reqURL)
|
||||
if err != nil {
|
||||
|
|
|
|||
Loading…
Reference in New Issue