nuclei/pkg/authprovider
Dwi Siswanto e7968de431
fix(authx): prevent deadlock in dynamic auth fetching
resolve deadlock that occurs when dynamic auth
templates trigger recursive auth requests during
execution.

RCA:
1. `GetStrategies()` calls `Fetch()` to retrieve
   auth creds.
2. `Fetch()` executes auth template via cb.
3. template exec triggers HTTP requests requiring
   auth.
4. recursive calls `GetStrategies()` → `Fetch()`
   cause deadlock on mutex.

notable changes:
* add `fetching` flag to `Dynamic` struct to track
  fetch-in-progress state.
* modify `GetStrategies()` to return empty
  strategies if already fetching.
* update `Fetch()` method with proper recursive
  call prevention.
* use mutex-protected flag reads to ensure thread
  safety.
* refactor `GetStrategies()` with local function
  for code reuse.

this prevents infinite recursion during auth
template execution while maintaining proper sync
and err handling.

fixes goroutine deadlocks in auth system when
using dynamic secrets with templates that require
auth.

Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-09-10 13:19:19 +07:00
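
The recursion from the RCA above and a `fetching` guard of the kind the commit message lists, as an added Go example; this is not the code from the commit. `dynamicSecret`, `strategies`, `demo` and the token value are hypothetical names and constructed data.

```go
package main

import (
	"fmt"
	"sync"
)

// dynamicSecret is a hypothetical lazily fetched credential (not nuclei's Dynamic).
type dynamicSecret struct {
	mu       sync.Mutex
	fetched  bool
	fetching bool // true while callback is running
	token    string
	err      error
	callback func(*dynamicSecret) (string, error)
}

// strategies returns the auth header, fetching the token on first use.
func (d *dynamicSecret) strategies() []string {
	d.mu.Lock()
	if d.fetching { // re-entered while the callback runs: do not fetch again
		d.mu.Unlock()
		return nil
	}
	if !d.fetched {
		d.fetching = true
		d.mu.Unlock() // sync.Mutex is not reentrant: release before the callback
		tok, err := d.callback(d)
		d.mu.Lock()
		d.token, d.err = tok, err
		d.fetched, d.fetching = true, false
	}
	defer d.mu.Unlock()
	if d.err != nil {
		return nil
	}
	return []string{"Authorization: Bearer " + d.token}
}

// demo simulates a login callback whose own request asks for auth again.
func demo() (inner, outer []string, calls int) {
	d := &dynamicSecret{}
	d.callback = func(s *dynamicSecret) (string, error) {
		calls++
		inner = s.strategies()          // recursive lookup during the fetch
		return "constructed-token", nil // constructed sample value
	}
	outer = d.strategies()
	return inner, outer, calls
}

func main() { fmt.Println(demo()) }
```

In this sketch a call from another goroutine during the fetch also sees `fetching` set and gets no strategies, because the flag cannot tell a recursive caller from a concurrent one.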