From 1ea458af3fb1e7f1ef4e2147b75c43bcc1519e37 Mon Sep 17 00:00:00 2001 From: thc202 Date: Sat, 21 Oct 2023 06:36:47 +0100 Subject: [PATCH] Fix exceptions with newer option (#21) Load the option with the method that defaults to a given value when it does not exist, otherwise this will lead to `NoSuchElementException` until the option is set. Also, use the primitive boolean which is the most appropriate type and prevents `NullPointerException`s as it was null by default. Signed-off-by: thc202 --- CHANGELOG.md | 2 ++ .../fileupload/attacks/FileUploadAttackExecutor.java | 2 +- .../fileupload/configuration/FileUploadConfiguration.java | 6 +++--- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 43d4cbe..e02ea77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ All notable changes to this add-on will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased +### Fixed +- Fix exceptions using option introduced in previous version. ## [1.2.0] - 2023-10-19 - Ensure i18n resources are always initialized. diff --git a/src/main/java/org/sasanlabs/fileupload/attacks/FileUploadAttackExecutor.java b/src/main/java/org/sasanlabs/fileupload/attacks/FileUploadAttackExecutor.java index 6a5bc2c..21c5558 100644 --- a/src/main/java/org/sasanlabs/fileupload/attacks/FileUploadAttackExecutor.java +++ b/src/main/java/org/sasanlabs/fileupload/attacks/FileUploadAttackExecutor.java @@ -72,7 +72,7 @@ public FileUploadAttackExecutor( public boolean executeAttack() throws FileUploadException { - Boolean shouldSendRequestsAfterFindingVulnerability = + boolean shouldSendRequestsAfterFindingVulnerability = FileUploadConfiguration.getInstance().getSendRequestsAfterFindingVulnerability(); for (AttackVector attackVector : attackVectors) { diff --git a/src/main/java/org/sasanlabs/fileupload/configuration/FileUploadConfiguration.java b/src/main/java/org/sasanlabs/fileupload/configuration/FileUploadConfiguration.java index bbb1e7a..6b0b405 100644 --- a/src/main/java/org/sasanlabs/fileupload/configuration/FileUploadConfiguration.java +++ b/src/main/java/org/sasanlabs/fileupload/configuration/FileUploadConfiguration.java @@ -47,7 +47,7 @@ public class FileUploadConfiguration extends VersionedAbstractParam { private String parseResponseStartIdentifier; private String parseResponseEndIdentifier; - private Boolean sendRequestsAfterFindingVulnerability; + private boolean sendRequestsAfterFindingVulnerability; private static volatile FileUploadConfiguration fileUploadConfiguration; @@ -109,7 +109,7 @@ public void setParseResponseEndIdentifier(String parseResponseEndIdentifier) { parseResponseEndIdentifier); } - public Boolean getSendRequestsAfterFindingVulnerability() { + public boolean getSendRequestsAfterFindingVulnerability() { return sendRequestsAfterFindingVulnerability; } @@ -142,7 +142,7 @@ protected void parseImpl() { this.setParseResponseEndIdentifier( getConfig().getString(PARAM_PARSE_RESPONSE_CONFIGURATION_END_IDENTIFIER)); this.setSendRequestsAfterFindingVulnerability( - getConfig().getBoolean(PARAM_SEND_REQUESTS_AFTER_FINDING_VULNERABILITY_IDENTIFIER)); + getBoolean(PARAM_SEND_REQUESTS_AFTER_FINDING_VULNERABILITY_IDENTIFIER, false)); } @Override