Merge pull request #6368 from projectdiscovery/fix/waf-detector-nil-pointer

fix: prevent nil pointer panic in WAF detector
2025-12-17 17:25:28 +00:00 · 2025-08-06 01:53:14 +05:30 · 2025-08-06 01:53:14 +05:30 · bba2c3a576
commit bba2c3a576
parent cff86b5c98 b685d637f3
2 changed files with 67 additions and 2 deletions
--- a/pkg/output/stats/waf/waf.go
+++ b/pkg/output/stats/waf/waf.go
@ -53,8 +53,12 @@ func NewWafDetector() *WafDetector {
 }

 func (d *WafDetector) DetectWAF(content string) (string, bool) {
+	if d == nil || d.regexCache == nil {
+		return "", false
+	}
+
 	for id, regex := range d.regexCache {
-		if regex.MatchString(content) {
+		if regex != nil && regex.MatchString(content) {
 			return id, true
 		}
 	}
--- a/pkg/output/stats/waf/waf_test.go
+++ b/pkg/output/stats/waf/waf_test.go
@ -1,6 +1,9 @@
 package waf

-import "testing"
+import (
+	"regexp"
+	"testing"
+)

 func TestWAFDetection(t *testing.T) {
 	detector := NewWafDetector()
@ -58,3 +61,61 @@ func TestWAFDetection(t *testing.T) {
 		})
 	}
 }
+
+func TestWAFDetectionNilPointerSafety(t *testing.T) {
+	tests := []struct {
+		name     string
+		detector *WafDetector
+		content  string
+	}{
+		{
+			name:     "nil detector",
+			detector: nil,
+			content:  "test content",
+		},
+		{
+			name: "nil regexCache",
+			detector: &WafDetector{
+				wafs:       make(map[string]waf),
+				regexCache: nil,
+			},
+			content: "test content",
+		},
+		{
+			name: "regexCache with nil regex",
+			detector: &WafDetector{
+				wafs: make(map[string]waf),
+				regexCache: map[string]*regexp.Regexp{
+					"test": nil,
+				},
+			},
+			content: "test content",
+		},
+		{
+			name: "empty regexCache",
+			detector: &WafDetector{
+				wafs:       make(map[string]waf),
+				regexCache: make(map[string]*regexp.Regexp),
+			},
+			content: "test content",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			defer func() {
+				if r := recover(); r != nil {
+					t.Errorf("DetectWAF panicked with nil pointer: %v", r)
+				}
+			}()
+
+			waf, matched := tt.detector.DetectWAF(tt.content)
+			if matched {
+				t.Errorf("expected no match for nil pointer case, got match=true, waf=%s", waf)
+			}
+			if waf != "" {
+				t.Errorf("expected empty WAF string for nil pointer case, got waf=%s", waf)
+			}
+		})
+	}
+}