nuclei/pkg/protocols/common/expressions/variables.go

package expressions

import (
	"errors"
	"regexp"
	"strings"

	"github.com/Knetic/govaluate"
	"github.com/projectdiscovery/nuclei/v3/pkg/operators/common/dsl"
)

var (
	numericalExpressionRegex = regexp.MustCompile(`^[0-9+\-/\W]+$`)
	unresolvedVariablesRegex = regexp.MustCompile(`(?:%7[B|b]|\{){2}([^}]+)(?:%7[D|d]|\}){2}["'\)\}]*`)
)

// ContainsUnresolvedVariables returns an error with variable names if the passed
// input contains unresolved {{<pattern-here>}} variables.
func ContainsUnresolvedVariables(items ...string) error {
	for _, data := range items {
		matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)
		if len(matches) == 0 {
			return nil
		}
		var unresolvedVariables []string
		for _, match := range matches {
			if len(match) < 2 {
				continue
			}
			// Skip if the match is an expression
			if numericalExpressionRegex.MatchString(match[1]) {
				continue
			}
			// or if it contains only literals (can be solved from expression engine)
			if hasLiteralsOnly(match[1]) {
				continue
			}
			unresolvedVariables = append(unresolvedVariables, match[1])
		}
		if len(unresolvedVariables) > 0 {
			return errors.New("unresolved variables found: " + strings.Join(unresolvedVariables, ","))
		}
	}

	return nil
}

// ContainsVariablesWithNames returns an error with variable names if the passed
// input contains unresolved {{<pattern-here>}} variables within the provided list
func ContainsVariablesWithNames(names map[string]interface{}, items ...string) error {
	for _, data := range items {
		matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)
		if len(matches) == 0 {
			return nil
		}
		var unresolvedVariables []string
		for _, match := range matches {
			if len(match) < 2 {
				continue
			}
			matchName := match[1]
			// Skip if the match is an expression
			if numericalExpressionRegex.MatchString(matchName) {
				continue
			}
			// or if it contains only literals (can be solved from expression engine)
			if hasLiteralsOnly(match[1]) {
				continue
			}
			if _, ok := names[matchName]; !ok {
				unresolvedVariables = append(unresolvedVariables, matchName)
			}
		}
		if len(unresolvedVariables) > 0 {
			return errors.New("unresolved variables with values found: " + strings.Join(unresolvedVariables, ","))
		}
	}

	return nil
}

// ContainsVariablesWithIgnoreList returns an error with variable names if the passed
// input contains unresolved {{<pattern-here>}} other than the ones listed in the ignore list
func ContainsVariablesWithIgnoreList(skipNames map[string]interface{}, items ...string) error {
	var unresolvedVariables []string
	for _, data := range items {
		matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)
		if len(matches) == 0 {
			return nil
		}
		for _, match := range matches {
			if len(match) < 2 {
				continue
			}
			matchName := match[1]
			// Skip if the match is an expression
			if numericalExpressionRegex.MatchString(matchName) {
				continue
			}
			// or if it contains only literals (can be solved from expression engine)
			if hasLiteralsOnly(match[1]) {
				continue
			}
			if _, ok := skipNames[matchName]; ok {
				continue
			}
			unresolvedVariables = append(unresolvedVariables, matchName)
		}
	}

	if len(unresolvedVariables) > 0 {
		return errors.New("unresolved variables with values found: " + strings.Join(unresolvedVariables, ","))
	}

	return nil
}

func hasLiteralsOnly(data string) bool {
	expr, err := govaluate.NewEvaluableExpressionWithFunctions(data, dsl.HelperFunctions)
	if err != nil {
		return false
	}
	if expr != nil {
		_, err = expr.Evaluate(nil)
		return err == nil
	}
	return true
}
Added check for unresolved variables 2021-10-07 01:40:49 +05:30			`package expressions`

			`import (`
			`"errors"`
			`"regexp"`
			`"strings"`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30
			`"github.com/Knetic/govaluate"`
nuclei v3 : misc updates (#4247) * use parsed options while signing * update project layout to v3 * fix .gitignore * remove example template * misc updates * bump tlsx version * hide template sig warning with env * js: retain value while using log * fix nil pointer derefernce * misc doc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-10-17 17:44:13 +05:30			`"github.com/projectdiscovery/nuclei/v3/pkg/operators/common/dsl"`
Added check for unresolved variables 2021-10-07 01:40:49 +05:30			`)`

Skip unresolved expressions using a regex 2022-02-28 22:19:51 +05:30			`var (`
Fixed a bug with numerical regex in unresolved var detection (#2431) 2022-08-17 05:29:51 +05:30			numericalExpressionRegex = regexp.MustCompile(`^[0-9+\-/\W]+$`)
Skip unresolved expressions using a regex 2022-02-28 22:19:51 +05:30			unresolvedVariablesRegex = regexp.MustCompile(`(?:%7[B\|b]\|\{){2}([^}]+)(?:%7[D\|d]\|\}){2}["'\)\}]*`)
			`)`
Added check for unresolved variables 2021-10-07 01:40:49 +05:30
			`// ContainsUnresolvedVariables returns an error with variable names if the passed`
			`// input contains unresolved {{<pattern-here>}} variables.`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`func ContainsUnresolvedVariables(items ...string) error {`
			`for _, data := range items {`
			`matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)`
			`if len(matches) == 0 {`
			`return nil`
Added check for unresolved variables 2021-10-07 01:40:49 +05:30			`}`
improving error/args handling 2021-12-18 20:06:51 +01:00			`var unresolvedVariables []string`
			`for _, match := range matches {`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if len(match) < 2 {`
			`continue`
			`}`
Skip unresolved expressions using a regex 2022-02-28 22:19:51 +05:30			`// Skip if the match is an expression`
			`if numericalExpressionRegex.MatchString(match[1]) {`
			`continue`
			`}`
Improving literals detection in expression engine (#2148) * Improving literals detection in expression engine * fixing lint errors * re-add accidentally deleted test 2022-06-13 10:25:06 +02:00			`// or if it contains only literals (can be solved from expression engine)`
			`if hasLiteralsOnly(match[1]) {`
			`continue`
			`}`
improving error/args handling 2021-12-18 20:06:51 +01:00			`unresolvedVariables = append(unresolvedVariables, match[1])`
Added check for unresolved variables 2021-10-07 01:40:49 +05:30			`}`
Improving payloads support in AWS self-contained requests (#1443) * Improving payloads support in AWS self-contained requests * removing internal only values from output * handling dynamic values in url 2022-01-09 13:39:50 +01:00			`if len(unresolvedVariables) > 0 {`
			`return errors.New("unresolved variables found: " + strings.Join(unresolvedVariables, ","))`
			`}`
Added check for unresolved variables 2021-10-07 01:40:49 +05:30			`}`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`return nil`
			`}`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00
improving error/args handling 2021-12-18 20:06:51 +01:00			`// ContainsVariablesWithNames returns an error with variable names if the passed`
			`// input contains unresolved {{<pattern-here>}} variables within the provided list`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`func ContainsVariablesWithNames(names map[string]interface{}, items ...string) error {`
			`for _, data := range items {`
			`matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)`
			`if len(matches) == 0 {`
			`return nil`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00			`}`
improving error/args handling 2021-12-18 20:06:51 +01:00			`var unresolvedVariables []string`
			`for _, match := range matches {`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if len(match) < 2 {`
			`continue`
			`}`
			`matchName := match[1]`
Skip unresolved expressions using a regex 2022-02-28 22:19:51 +05:30			`// Skip if the match is an expression`
			`if numericalExpressionRegex.MatchString(matchName) {`
			`continue`
			`}`
Improving literals detection in expression engine (#2148) * Improving literals detection in expression engine * fixing lint errors * re-add accidentally deleted test 2022-06-13 10:25:06 +02:00			`// or if it contains only literals (can be solved from expression engine)`
			`if hasLiteralsOnly(match[1]) {`
			`continue`
			`}`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00			`if _, ok := names[matchName]; !ok {`
improving error/args handling 2021-12-18 20:06:51 +01:00			`unresolvedVariables = append(unresolvedVariables, matchName)`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00			`}`
			`}`
Improving payloads support in AWS self-contained requests (#1443) * Improving payloads support in AWS self-contained requests * removing internal only values from output * handling dynamic values in url 2022-01-09 13:39:50 +01:00			`if len(unresolvedVariables) > 0 {`
			`return errors.New("unresolved variables with values found: " + strings.Join(unresolvedVariables, ","))`
			`}`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00			`}`
Adding dns trace support in dns templates (#1236) * Adding dns trace support in dns templates + minor refactoring 2021-11-18 14:52:11 +01:00
			`return nil`
Add support for CLI payload variables 2021-10-07 12:36:27 +02:00			`}`
improving error/args handling 2021-12-18 20:06:51 +01:00
			`// ContainsVariablesWithIgnoreList returns an error with variable names if the passed`
			`// input contains unresolved {{<pattern-here>}} other than the ones listed in the ignore list`
			`func ContainsVariablesWithIgnoreList(skipNames map[string]interface{}, items ...string) error {`
			`var unresolvedVariables []string`
			`for _, data := range items {`
			`matches := unresolvedVariablesRegex.FindAllStringSubmatch(data, -1)`
			`if len(matches) == 0 {`
			`return nil`
			`}`
			`for _, match := range matches {`
			`if len(match) < 2 {`
			`continue`
			`}`
			`matchName := match[1]`
Skip unresolved expressions using a regex 2022-02-28 22:19:51 +05:30			`// Skip if the match is an expression`
			`if numericalExpressionRegex.MatchString(matchName) {`
			`continue`
			`}`
Improving literals detection in expression engine (#2148) * Improving literals detection in expression engine * fixing lint errors * re-add accidentally deleted test 2022-06-13 10:25:06 +02:00			`// or if it contains only literals (can be solved from expression engine)`
			`if hasLiteralsOnly(match[1]) {`
			`continue`
			`}`
improving error/args handling 2021-12-18 20:06:51 +01:00			`if _, ok := skipNames[matchName]; ok {`
			`continue`
			`}`
			`unresolvedVariables = append(unresolvedVariables, matchName)`
			`}`
			`}`

			`if len(unresolvedVariables) > 0 {`
			`return errors.New("unresolved variables with values found: " + strings.Join(unresolvedVariables, ","))`
			`}`
Improving payloads support in AWS self-contained requests (#1443) * Improving payloads support in AWS self-contained requests * removing internal only values from output * handling dynamic values in url 2022-01-09 13:39:50 +01:00
improving error/args handling 2021-12-18 20:06:51 +01:00			`return nil`
			`}`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30
			`func hasLiteralsOnly(data string) bool {`
			`expr, err := govaluate.NewEvaluableExpressionWithFunctions(data, dsl.HelperFunctions)`
Added fuzzing support for query params + var dump feature (#2679) * Added fuzzing support for query params + var dump feature * Added query-fuzz integration test * Fixed payloads + added keys-regex fuzz parameter * Fixed interactsh not working + misc * Fixed evaluation + added global variables/dsl support to payloads * Misc fixes related to variables evaluations * Added http variables support to fuzz * misc * Misc * Added testing playground + misc renaming * Added support for path and raw request to fuzzing * Fixed fuzz integration test * Fixed variable unresolved issue * Add multiple parameter support with same name * Added parameter value as 'value' dsl variable for parts Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2022-11-01 20:28:50 +05:30			`if err != nil {`
			`return false`
			`}`
Adding jarm helper via dsl (#3906) * Adding jarm helper via dsl * adding test * removing debug file * fixing tests --------- Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> 2023-07-14 17:54:12 +02:00			`if expr != nil {`
Memory usage optimizations (#2350) * Replaced strings.Replaced with fasttemplate reducing allocations Custom template parsing logic was replaced with fasttemplate package for reducing allocations in the replacer.Replace hotpath leading to allocation reduction which accounted for 30% of total nuclei allocations. $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer BenchmarkReplacer-8 837232 1422 ns/op 2112 B/op 31 allocs/op BenchmarkReplacerNew-8 3672765 320.3 ns/op 48 B/op 4 allocs/op * Fixed tests failing * Use pre-compiled map of DSL expressions * Reworked expression parsing logic to reduce memory allocations $ go test -bench=. -benchmem goos: darwin goarch: arm64 pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions BenchmarkEvaluate-8 31560 37769 ns/op 31731 B/op 265 allocs/op BenchmarkEvaluateNew-8 109144 9621 ns/op 6253 B/op 116 allocs/op 2022-08-23 13:16:41 +05:30			`_, err = expr.Evaluate(nil)`
			`return err == nil`
			`}`
			`return true`
			`}`