Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
projectdiscovery
GitHub Repository: projectdiscovery/nuclei
 Path: blob/dev/pkg/catalog/disk/find.go
2070 views
1
package disk

2


3
import (

4
	"io/fs"

5
	"os"

6
	"path/filepath"

7
	"strings"

8


9
	"github.com/logrusorgru/aurora"

10
	"github.com/pkg/errors"

11
	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"

12
	stringsutil "github.com/projectdiscovery/utils/strings"

13
	updateutils "github.com/projectdiscovery/utils/update"

14
	urlutil "github.com/projectdiscovery/utils/url"

15
)

16


17
var deprecatedPathsCounter int

18


19
// GetTemplatesPath returns a list of absolute paths for the provided template list.

20
func (c *DiskCatalog) GetTemplatesPath(definitions []string) ([]string, map[string]error) {

21
	// keeps track of processed dirs and files

22
	processed := make(map[string]bool)

23
	allTemplates := []string{}

24
	erred := make(map[string]error)

25


26
	for _, t := range definitions {

27
		if stringsutil.ContainsAny(t, knownConfigFiles...) {

28
			// TODO: this is a temporary fix to avoid treating these files as templates

29
			// this should be replaced with more appropriate and robust logic

30
			continue

31
		}

32
		if strings.Contains(t, urlutil.SchemeSeparator) && stringsutil.ContainsAny(t, config.GetSupportTemplateFileExtensions()...) {

33
			if _, ok := processed[t]; !ok {

34
				processed[t] = true

35
				allTemplates = append(allTemplates, t)

36
			}

37
		} else {

38
			paths, err := c.GetTemplatePath(t)

39
			if err != nil {

40
				erred[t] = err

41
			}

42
			for _, path := range paths {

43
				if _, ok := processed[path]; !ok {

44
					processed[path] = true

45
					allTemplates = append(allTemplates, path)

46
				}

47
			}

48
		}

49
	}

50
	// purge all false positives

51
	filteredTemplates := []string{}

52
	for _, v := range allTemplates {

53
		// TODO: this is a temporary fix to avoid treating these files as templates

54
		// this should be replaced with more appropriate and robust logic

55
		if !stringsutil.ContainsAny(v, knownConfigFiles...) {

56
			filteredTemplates = append(filteredTemplates, v)

57
		}

58
	}

59


60
	return filteredTemplates, erred

61
}

62


63
// GetTemplatePath parses the specified input template path and returns a compiled

64
// list of finished absolute paths to the templates evaluating any glob patterns

65
// or folders provided as in.

66
func (c *DiskCatalog) GetTemplatePath(target string) ([]string, error) {

67
	processed := make(map[string]struct{})

68
	// Template input includes a wildcard

69
	if strings.Contains(target, "*") {

70
		matches, findErr := c.findGlobPathMatches(target, processed)

71
		if findErr != nil {

72
			return nil, errors.Wrap(findErr, "could not find glob matches")

73
		}

74
		if len(matches) == 0 {

75
			return nil, errors.Errorf("no templates found for path")

76
		}

77
		return matches, nil

78
	}

79


80
	// try to handle deprecated template paths

81
	absPath := target

82
	if c.templatesFS == nil {

83
		absPath = BackwardsCompatiblePaths(c.templatesDirectory, target)

84
		if absPath != target && strings.TrimPrefix(absPath, c.templatesDirectory+string(filepath.Separator)) != target {

85
			if config.DefaultConfig.LogAllEvents {

86
				config.DefaultConfig.Logger.Print().Msgf("[%v] requested Template path %s is deprecated, please update to %s\n", aurora.Yellow("WRN").String(), target, absPath)

87
			}

88
			deprecatedPathsCounter++

89
		}

90


91
		var err error

92
		absPath, err = c.convertPathToAbsolute(absPath)

93
		if err != nil {

94
			return nil, errors.Wrapf(err, "could not find template file")

95
		}

96
	}

97


98
	// Template input is either a file or a directory

99
	match, file, err := c.findFileMatches(absPath, processed)

100
	if err != nil {

101
		return nil, errors.Wrap(err, "could not find file")

102
	}

103
	if file {

104
		if match != "" {

105
			return []string{match}, nil

106
		}

107
		return nil, nil

108
	}

109


110
	// Recursively walk down the Templates directory and run all

111
	// the template file checks

112
	matches, err := c.findDirectoryMatches(absPath, processed)

113
	if err != nil {

114
		return nil, errors.Wrap(err, "could not find directory matches")

115
	}

116
	if len(matches) == 0 {

117
		return nil, errors.Errorf("no templates found in path %s", absPath)

118
	}

119
	return matches, nil

120
}

121


122
// convertPathToAbsolute resolves the paths provided to absolute paths

123
// before doing any operations on them regardless of them being BLOB, folders, files, etc.

124
func (c *DiskCatalog) convertPathToAbsolute(t string) (string, error) {

125
	if strings.Contains(t, "*") {

126
		file := filepath.Base(t)

127
		absPath, err := c.ResolvePath(filepath.Dir(t), "")

128
		if err != nil {

129
			return "", err

130
		}

131
		return filepath.Join(absPath, file), nil

132
	}

133
	return c.ResolvePath(t, "")

134
}

135


136
// findGlobPathMatches returns the matched files from a glob path

137
func (c *DiskCatalog) findGlobPathMatches(absPath string, processed map[string]struct{}) ([]string, error) {

138
	// to support globbing on old paths we use brute force to find matches with exit on first match

139
	// trim templateDir if any

140
	relPath := strings.TrimPrefix(absPath, c.templatesDirectory)

141
	// trim leading slash if any

142
	relPath = strings.TrimPrefix(relPath, string(os.PathSeparator))

143


144
	OldPathsResolver := func(inputGlob string) []string {

145
		templateDir := c.templatesDirectory

146
		if c.templatesDirectory == "" {

147
			templateDir = "./"

148
		}

149


150
		if c.templatesFS == nil {

151
			matches, _ := fs.Glob(os.DirFS(filepath.Join(templateDir, "http")), inputGlob)

152
			if len(matches) != 0 {

153
				return matches

154
			}

155


156
			// condition to support network cve related globs

157
			matches, _ = fs.Glob(os.DirFS(filepath.Join(templateDir, "network")), inputGlob)

158
			return matches

159
		} else {

160
			sub, err := fs.Sub(c.templatesFS, filepath.Join(templateDir, "http"))

161
			if err != nil {

162
				return nil

163
			}

164
			matches, _ := fs.Glob(sub, inputGlob)

165
			if len(matches) != 0 {

166
				return matches

167
			}

168


169
			// condition to support network cve related globs

170
			sub, err = fs.Sub(c.templatesFS, filepath.Join(templateDir, "network"))

171
			if err != nil {

172
				return nil

173
			}

174
			matches, _ = fs.Glob(sub, inputGlob)

175
			return matches

176
		}

177
	}

178


179
	var matched []string

180
	var matches []string

181
	if c.templatesFS == nil {

182
		var err error

183
		matches, err = filepath.Glob(relPath)

184
		if len(matches) != 0 {

185
			matched = append(matched, matches...)

186
		} else {

187
			matched = append(matched, OldPathsResolver(relPath)...)

188
		}

189
		if err != nil && len(matched) == 0 {

190
			return nil, errors.Errorf("wildcard found, but unable to glob: %s\n", err)

191
		}

192
	} else {

193
		var err error

194
		matches, err = fs.Glob(c.templatesFS, relPath)

195
		if len(matches) != 0 {

196
			matched = append(matched, matches...)

197
		} else {

198
			matched = append(matched, OldPathsResolver(relPath)...)

199
		}

200
		if err != nil && len(matched) == 0 {

201
			return nil, errors.Errorf("wildcard found, but unable to glob: %s\n", err)

202
		}

203
	}

204
	results := make([]string, 0, len(matches))

205
	for _, match := range matches {

206
		if _, ok := processed[match]; !ok {

207
			processed[match] = struct{}{}

208
			results = append(results, match)

209
		}

210
	}

211
	return results, nil

212
}

213


214
// findFileMatches finds if a path is an absolute file. If the path

215
// is a file, it returns true otherwise false with no errors.

216
func (c *DiskCatalog) findFileMatches(absPath string, processed map[string]struct{}) (match string, matched bool, err error) {

217
	if c.templatesFS != nil {

218
		absPath = strings.Trim(absPath, "/")

219
	}

220
	var info fs.File

221
	if c.templatesFS == nil {

222
		info, err = os.Open(absPath)

223
	} else {

224
		// If we were given no path, then it's not a file, it's the root, and we can quietly return.

225
		if absPath == "" {

226
			return "", false, nil

227
		}

228


229
		info, err = c.templatesFS.Open(absPath)

230
	}

231
	if err != nil {

232
		return "", false, err

233
	}

234
	stat, err := info.Stat()

235
	if err != nil {

236
		return "", false, err

237
	}

238
	if !stat.Mode().IsRegular() {

239
		return "", false, nil

240
	}

241
	if _, ok := processed[absPath]; !ok {

242
		processed[absPath] = struct{}{}

243
		return absPath, true, nil

244
	}

245
	return "", true, nil

246
}

247


248
// findDirectoryMatches finds matches for templates from a directory

249
func (c *DiskCatalog) findDirectoryMatches(absPath string, processed map[string]struct{}) ([]string, error) {

250
	var results []string

251
	var err error

252
	if c.templatesFS == nil {

253
		err = filepath.WalkDir(

254
			absPath,

255
			func(path string, d fs.DirEntry, err error) error {

256
				// continue on errors

257
				if err != nil {

258
					return nil

259
				}

260
				if !d.IsDir() && config.GetTemplateFormatFromExt(path) != config.Unknown {

261
					if _, ok := processed[path]; !ok {

262
						results = append(results, path)

263
						processed[path] = struct{}{}

264
					}

265
				}

266
				return nil

267
			},

268
		)

269
	} else {

270
		// For the special case of the root directory, we need to pass "." to `fs.WalkDir`.

271
		if absPath == "" {

272
			absPath = "."

273
		}

274
		absPath = strings.TrimSuffix(absPath, "/")

275


276
		err = fs.WalkDir(

277
			c.templatesFS,

278
			absPath,

279
			func(path string, d fs.DirEntry, err error) error {

280
				// continue on errors

281
				if err != nil {

282
					return nil

283
				}

284
				if !d.IsDir() && config.GetTemplateFormatFromExt(path) != config.Unknown {

285
					if _, ok := processed[path]; !ok {

286
						results = append(results, path)

287
						processed[path] = struct{}{}

288
					}

289
				}

290
				return nil

291
			},

292
		)

293
	}

294
	return results, err

295
}

296


297
// PrintDeprecatedPathsMsgIfApplicable prints a warning message if any deprecated paths are found

298
// Unless mode is silent warning message is printed

299
func PrintDeprecatedPathsMsgIfApplicable(isSilent bool) {

300
	if !updateutils.IsOutdated("v9.4.3", config.DefaultConfig.TemplateVersion) {

301
		return

302
	}

303
	if deprecatedPathsCounter > 0 && !isSilent {

304
		config.DefaultConfig.Logger.Print().Msgf("[%v] Found %v template[s] loaded with deprecated paths, update before v3 for continued support.\n", aurora.Yellow("WRN").String(), deprecatedPathsCounter)

305
	}

306
}

307


308