nuclei/v2/pkg/protocols/common/expressions/expressions.go

package expressions

import (
	"strings"

	"github.com/Knetic/govaluate"

	"github.com/projectdiscovery/nuclei/v2/pkg/operators/common/dsl"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/marker"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer"
	stringsutil "github.com/projectdiscovery/utils/strings"
)

// Evaluate checks if the match contains a dynamic variable, for each
// found one we will check if it's an expression and can
// be compiled, it will be evaluated and the results will be returned.
//
// The provided keys from finalValues will be used as variable names
// for substitution inside the expression.
func Evaluate(data string, base map[string]interface{}) (string, error) {
	return evaluate(data, base)
}

// EvaluateByte checks if the match contains a dynamic variable, for each
// found one we will check if it's an expression and can
// be compiled, it will be evaluated and the results will be returned.
//
// The provided keys from finalValues will be used as variable names
// for substitution inside the expression.
func EvaluateByte(data []byte, base map[string]interface{}) ([]byte, error) {
	finalData, err := evaluate(string(data), base)
	return []byte(finalData), err
}

func evaluate(data string, base map[string]interface{}) (string, error) {
	// replace simple placeholders (key => value) MarkerOpen + key + MarkerClose and General + key + General to value
	data = replacer.Replace(data, base)

	// expressions can be:
	// - simple: containing base values keys (variables)
	// - complex: containing helper functions [ + variables]
	// literals like {{2+2}} are not considered expressions
	expressions := findExpressions(data, marker.ParenthesisOpen, marker.ParenthesisClose, base)
	for _, expression := range expressions {
		// replace variable placeholders with base values
		expression = replacer.Replace(expression, base)
		// turns expressions (either helper functions+base values or base values)
		compiled, err := govaluate.NewEvaluableExpressionWithFunctions(expression, dsl.HelperFunctions)
		if err != nil {
			continue
		}
		result, err := compiled.Evaluate(base)
		if err != nil {
			continue
		}
		// replace incrementally
		data = replacer.ReplaceOne(data, expression, result)
	}
	return data, nil
}

// maxIterations to avoid infinite loop
const maxIterations = 250

func findExpressions(data, OpenMarker, CloseMarker string, base map[string]interface{}) []string {
	var (
		iterations int
		exps       []string
	)
	for {
		// check if we reached the maximum number of iterations
		if iterations > maxIterations {
			break
		}
		iterations++
		// attempt to find open markers
		indexOpenMarker := strings.Index(data, OpenMarker)
		// exits if not found
		if indexOpenMarker < 0 {
			break
		}

		indexOpenMarkerOffset := indexOpenMarker + len(OpenMarker)

		shouldSearchCloseMarker := true
		closeMarkerFound := false
		innerData := data
		var potentialMatch string
		var indexCloseMarker, indexCloseMarkerOffset int
		skip := indexOpenMarkerOffset
		for shouldSearchCloseMarker {
			// attempt to find close marker
			indexCloseMarker = stringsutil.IndexAt(innerData, CloseMarker, skip)
			// if no close markers are found exit
			if indexCloseMarker < 0 {
				shouldSearchCloseMarker = false
				continue
			}
			indexCloseMarkerOffset = indexCloseMarker + len(CloseMarker)

			potentialMatch = innerData[indexOpenMarkerOffset:indexCloseMarker]
			if isExpression(potentialMatch, base) {
				closeMarkerFound = true
				shouldSearchCloseMarker = false
				exps = append(exps, potentialMatch)
			} else {
				skip = indexCloseMarkerOffset
			}
		}

		if closeMarkerFound {
			// move after the close marker
			data = data[indexCloseMarkerOffset:]
		} else {
			// move after the open marker
			data = data[indexOpenMarkerOffset:]
		}
	}
	return exps
}

func isExpression(data string, base map[string]interface{}) bool {
	if _, err := govaluate.NewEvaluableExpression(data); err == nil {
		if stringsutil.ContainsAny(data, getFunctionsNames(base)...) {
			return true
		} else if stringsutil.ContainsAny(data, dsl.FunctionNames...) {
			return true
		}
		return false
	}
	_, err := govaluate.NewEvaluableExpressionWithFunctions(data, dsl.HelperFunctions)
	return err == nil
}

func getFunctionsNames(m map[string]interface{}) []string {
	keys := make([]string, 0, len(m))
	for k := range m {
		keys = append(keys, k)
	}
	return keys
}
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30			`package expressions`

			`import (`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00			`"strings"`
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30
			`"github.com/Knetic/govaluate"`
refactor: Remove redundant character escapes from regexes 2021-11-25 15:39:10 +02:00
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/operators/common/dsl"`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/marker"`
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer"`
Use utils helpers libraries (#2809) (#2810) * Use utils helpers libraries (#2809) * Use utils helpers libraries (#2809) 2022-11-06 21:24:23 +01:00			`stringsutil "github.com/projectdiscovery/utils/strings"`
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30			`)`

			`// Evaluate checks if the match contains a dynamic variable, for each`
			`// found one we will check if it's an expression and can`
			`// be compiled, it will be evaluated and the results will be returned.`
			`//`
			`// The provided keys from finalValues will be used as variable names`
			`// for substitution inside the expression.`
			`func Evaluate(data string, base map[string]interface{}) (string, error) {`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`return evaluate(data, base)`
Added expressions package + expressions support to network protocols 2021-02-24 12:07:16 +05:30			`}`
Added payload support for network requests 2021-07-06 18:27:30 +05:30
			`// EvaluateByte checks if the match contains a dynamic variable, for each`
			`// found one we will check if it's an expression and can`
			`// be compiled, it will be evaluated and the results will be returned.`
			`//`
			`// The provided keys from finalValues will be used as variable names`
			`// for substitution inside the expression.`
			`func EvaluateByte(data []byte, base map[string]interface{}) ([]byte, error) {`
Removed sniper + made batteringram default + misc 2021-10-09 19:46:23 +05:30			`finalData, err := evaluate(string(data), base)`
			`return []byte(finalData), err`
			`}`

			`func evaluate(data string, base map[string]interface{}) (string, error) {`
making markers parametric + simple match/replace for basic variables 2022-01-19 14:57:25 +01:00			`// replace simple placeholders (key => value) MarkerOpen + key + MarkerClose and General + key + General to value`
			`data = replacer.Replace(data, base)`

Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`// expressions can be:`
			`// - simple: containing base values keys (variables)`
			`// - complex: containing helper functions [ + variables]`
			`// literals like {{2+2}} are not considered expressions`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`expressions := findExpressions(data, marker.ParenthesisOpen, marker.ParenthesisClose, base)`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`for _, expression := range expressions {`
			`// replace variable placeholders with base values`
			`expression = replacer.Replace(expression, base)`
			`// turns expressions (either helper functions+base values or base values)`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`compiled, err := govaluate.NewEvaluableExpressionWithFunctions(expression, dsl.HelperFunctions)`
Added payload support for network requests 2021-07-06 18:27:30 +05:30			`if err != nil {`
			`continue`
			`}`
			`result, err := compiled.Evaluate(base)`
			`if err != nil {`
			`continue`
			`}`
Implementing incremental expression replacement 2022-02-01 14:12:16 +01:00			`// replace incrementally`
			`data = replacer.ReplaceOne(data, expression, result)`
Added payload support for network requests 2021-07-06 18:27:30 +05:30			`}`
Implementing incremental expression replacement 2022-02-01 14:12:16 +01:00			`return data, nil`
Added payload support for network requests 2021-07-06 18:27:30 +05:30			`}`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`// maxIterations to avoid infinite loop`
			`const maxIterations = 250`

Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`func findExpressions(data, OpenMarker, CloseMarker string, base map[string]interface{}) []string {`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`var (`
			`iterations int`
			`exps []string`
			`)`
			`for {`
			`// check if we reached the maximum number of iterations`
			`if iterations > maxIterations {`
			`break`
			`}`
			`iterations++`
			`// attempt to find open markers`
making markers parametric + simple match/replace for basic variables 2022-01-19 14:57:25 +01:00			`indexOpenMarker := strings.Index(data, OpenMarker)`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`// exits if not found`
			`if indexOpenMarker < 0 {`
			`break`
			`}`

making markers parametric + simple match/replace for basic variables 2022-01-19 14:57:25 +01:00			`indexOpenMarkerOffset := indexOpenMarker + len(OpenMarker)`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00
			`shouldSearchCloseMarker := true`
			`closeMarkerFound := false`
			`innerData := data`
			`var potentialMatch string`
			`var indexCloseMarker, indexCloseMarkerOffset int`
			`skip := indexOpenMarkerOffset`
			`for shouldSearchCloseMarker {`
			`// attempt to find close marker`
making markers parametric + simple match/replace for basic variables 2022-01-19 14:57:25 +01:00			`indexCloseMarker = stringsutil.IndexAt(innerData, CloseMarker, skip)`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`// if no close markers are found exit`
			`if indexCloseMarker < 0 {`
			`shouldSearchCloseMarker = false`
			`continue`
			`}`
making markers parametric + simple match/replace for basic variables 2022-01-19 14:57:25 +01:00			`indexCloseMarkerOffset = indexCloseMarker + len(CloseMarker)`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00
			`potentialMatch = innerData[indexOpenMarkerOffset:indexCloseMarker]`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`if isExpression(potentialMatch, base) {`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`closeMarkerFound = true`
			`shouldSearchCloseMarker = false`
			`exps = append(exps, potentialMatch)`
			`} else {`
			`skip = indexCloseMarkerOffset`
			`}`
			`}`

			`if closeMarkerFound {`
			`// move after the close marker`
			`data = data[indexCloseMarkerOffset:]`
			`} else {`
			`// move after the open marker`
			`data = data[indexOpenMarkerOffset:]`
			`}`
			`}`
			`return exps`
			`}`

Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`func isExpression(data string, base map[string]interface{}) bool {`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`if _, err := govaluate.NewEvaluableExpression(data); err == nil {`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`if stringsutil.ContainsAny(data, getFunctionsNames(base)...) {`
			`return true`
			`} else if stringsutil.ContainsAny(data, dsl.FunctionNames...) {`
			`return true`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00			`}`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`return false`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00			`}`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`_, err := govaluate.NewEvaluableExpressionWithFunctions(data, dsl.HelperFunctions)`
			`return err == nil`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`}`

Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`func getFunctionsNames(m map[string]interface{}) []string {`
			`keys := make([]string, 0, len(m))`
Implementing lexer with runtime expression validation 2022-01-19 14:10:11 +01:00			`for k := range m {`
			`keys = append(keys, k)`
			`}`
			`return keys`
Replacing expression regex with lexical analyzer (#1440) * Replacing regex with lexical analyzer taken from https://github.com/projectdiscovery/nuclei/blob/610beb8534e0701592bb5dd44355a0db3337cace/v2/pkg/protocols/common/expressions/expressions.go#L66 2022-01-09 12:52:04 +01:00			`}`