forked from projectdiscovery/nuclei
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalidate.go
69 lines (62 loc) · 2.3 KB
/
validate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package generators
import (
"errors"
"fmt"
"path/filepath"
"strings"
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
"github.com/projectdiscovery/nuclei/v3/pkg/types"
fileutil "github.com/projectdiscovery/utils/file"
folderutil "github.com/projectdiscovery/utils/folder"
)
// validate validates the payloads if any.
func (g *PayloadGenerator) validate(payloads map[string]interface{}, templatePath string) error {
for name, payload := range payloads {
switch payloadType := payload.(type) {
case string:
// check if it's a multiline string list
if len(strings.Split(payloadType, "\n")) != 1 {
return errors.New("invalid number of lines in payload")
}
// check if it's a file and try to load it
if fileutil.FileExists(payloadType) {
continue
}
// if file already exists in nuclei-templates directory, skip any further checks
if fileutil.FileExists(filepath.Join(config.DefaultConfig.GetTemplateDir(), payloadType)) {
continue
}
// in below code, we calculate all possible paths from root and try to resolve the payload
// at each level of the path. if the payload is found, we break the loop and continue
// ex: template-path: /home/user/nuclei-templates/cves/2020/CVE-2020-1234.yaml
// then we check if helper file "my-payload.txt" exists at below paths:
// 1. /home/user/nuclei-templates/cves/2020/my-payload.txt
// 2. /home/user/nuclei-templates/cves/my-payload.txt
// 3. /home/user/nuclei-templates/my-payload.txt
// 4. /home/user/my-payload.txt
// 5. /home/my-payload.txt
changed := false
dir, _ := filepath.Split(templatePath)
templatePathInfo, _ := folderutil.NewPathInfo(dir)
payloadPathsToProbe, _ := templatePathInfo.MeshWith(payloadType)
for _, payloadPath := range payloadPathsToProbe {
if fileutil.FileExists(payloadPath) {
payloads[name] = payloadPath
changed = true
break
}
}
if !changed {
return fmt.Errorf("the %s file for payload %s does not exist or does not contain enough elements", payloadType, name)
}
case interface{}:
loadedPayloads := types.ToStringSlice(payloadType)
if len(loadedPayloads) == 0 {
return fmt.Errorf("the payload %s does not contain enough elements", name)
}
default:
return fmt.Errorf("the payload %s has invalid type", name)
}
}
return nil
}