From 4b55c26fc03413bcc42b98a570ed40cc07cdf1ed Mon Sep 17 00:00:00 2001
From: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Date: Mon, 19 Feb 2024 02:09:52 +0530
Subject: [PATCH] add header nil check (#4766)

---
 pkg/protocols/http/httputils/normalization.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/pkg/protocols/http/httputils/normalization.go b/pkg/protocols/http/httputils/normalization.go
index 010e7aa21..86af71240 100644
--- a/pkg/protocols/http/httputils/normalization.go
+++ b/pkg/protocols/http/httputils/normalization.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"compress/gzip"
 	"compress/zlib"
+	"fmt"
 	"io"
 	"net/http"
 	"strings"
@@ -19,11 +20,18 @@ import (
 // and fills body buffer with actual response body.
 func readNNormalizeRespBody(rc *ResponseChain, body *bytes.Buffer) (err error) {
 	response := rc.resp
+	if response == nil {
+		return fmt.Errorf("something went wrong response is nil")
+	}
 	// net/http doesn't automatically decompress the response body if an
 	// encoding has been specified by the user in the request so in case we have to
 	// manually do it.
 
 	origBody := rc.resp.Body
+	if origBody == nil {
+		// skip normalization if body is nil
+		return nil
+	}
 	// wrap with decode if applicable
 	wrapped, err := wrapDecodeReader(response)
 	if err != nil {
@@ -41,6 +49,9 @@ func readNNormalizeRespBody(rc *ResponseChain, body *bytes.Buffer) (err error) {
 		}
 		if stringsutil.ContainsAny(err.Error(), "unexpected EOF", "read: connection reset by peer", "user canceled") {
 			// keep partial body and continue (skip error) (add meta header in response for debugging)
+			if response.Header == nil {
+				response.Header = make(http.Header)
+			}
 			response.Header.Set("x-nuclei-ignore-error", err.Error())
 			return nil
 		}