From 5b99921d75b48f30d22f8ead6d459f6e58337a7f Mon Sep 17 00:00:00 2001 From: Sajad Parra Date: Tue, 30 Nov 2021 20:20:43 +0530 Subject: [PATCH] add unit and integration tests for dsl variable #555 --- .../http/dsl-matcher-variable.yaml | 23 +++++++++++++++++++ v2/cmd/integration-test/http.go | 22 ++++++++++++++++++ v2/pkg/operators/matchers/match_test.go | 18 +++++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 integration_tests/http/dsl-matcher-variable.yaml diff --git a/integration_tests/http/dsl-matcher-variable.yaml b/integration_tests/http/dsl-matcher-variable.yaml new file mode 100644 index 000000000..ecbe5f9e5 --- /dev/null +++ b/integration_tests/http/dsl-matcher-variable.yaml @@ -0,0 +1,23 @@ +id: dsl-matcher-variable + +info: + name: dsl-matcher-variable + author: pd-team + severity: info + +requests: + - + path: + - "{{BaseURL}}" + payloads: + VALUES: + - This + - is + - test + - matcher + - text + matchers: + - + dsl: + - 'contains(body,"{{VALUES}}")' + type: dsl \ No newline at end of file diff --git a/v2/cmd/integration-test/http.go b/v2/cmd/integration-test/http.go index 1890048d2..ebf245317 100644 --- a/v2/cmd/integration-test/http.go +++ b/v2/cmd/integration-test/http.go @@ -36,6 +36,7 @@ var httpTestcases = map[string]testutils.TestCase{ "http/get-case-insensitive.yaml": &httpGetCaseInsensitive{}, "http/get.yaml,http/get-case-insensitive.yaml": &httpGetCaseInsensitiveCluster{}, "http/get-redirects-chain-headers.yaml": &httpGetRedirectsChainHeaders{}, + "http/dsl-matcher-variable.yaml": &httpDSLVariable{}, } type httpInteractshRequest struct{} @@ -155,6 +156,27 @@ func (h *httpGet) Execute(filePath string) error { return nil } +type httpDSLVariable struct{} + +// Execute executes a test case and returns an error if occurred +func (h *httpDSLVariable) Execute(filePath string) error { + router := httprouter.New() + router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { + fmt.Fprintf(w, "This is test matcher text") + }) + ts := httptest.NewServer(router) + defer ts.Close() + + results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug) + if err != nil { + return err + } + if len(results) != 5 { + return errIncorrectResultsCount(results) + } + return nil +} + type httpPostBody struct{} // Execute executes a test case and returns an error if occurred diff --git a/v2/pkg/operators/matchers/match_test.go b/v2/pkg/operators/matchers/match_test.go index b52adbc6d..68a6d1b01 100644 --- a/v2/pkg/operators/matchers/match_test.go +++ b/v2/pkg/operators/matchers/match_test.go @@ -3,6 +3,8 @@ package matchers import ( "testing" + "github.com/Knetic/govaluate" + "github.com/projectdiscovery/nuclei/v2/pkg/operators/common/dsl" "github.com/stretchr/testify/require" ) @@ -71,3 +73,19 @@ func TestHexEncoding(t *testing.T) { require.True(t, isMatched, "Could not match valid Hex condition") require.Equal(t, m.Words, matched) } + +func TestMatcher_MatchDSL(t *testing.T) { + compiled, err := govaluate.NewEvaluableExpressionWithFunctions("contains(body, \"{{VARIABLE}}\")", dsl.HelperFunctions()) + require.Nil(t, err, "couldn't compile expression") + + m := &Matcher{Type: MatcherTypeHolder{MatcherType: DSLMatcher}, dslCompiled: []*govaluate.EvaluableExpression{compiled}} + err = m.CompileMatchers() + require.Nil(t, err, "could not compile matcher") + + values := []string{"PING", "pong"} + + for value := range values { + isMatched := m.MatchDSL(map[string]interface{}{"body": value, "VARIABLE": value}) + require.True(t, isMatched) + } +}