search

HXSecurity / DongTai

Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
https://dongtai.io
Apache License 2.0
1.24k stars 145 forks source link

[Bug]: logservice fails to send the message and throw a time out error after dongtai-server is restarted #1934

Open zzzskd opened 6 months ago

zzzskd commented 6 months ago

Preflight Checklist

Version

1.16.0

Installation Type

Official Docker Compose

Service Name

DongTai-OpenAPI

Describe the details of the bug and the steps to reproduce it

logservice fails to send the message and throw a time out error after dongtai-server is restarted.

  1. restart dongtai-server in docker compose
  2. trigger vulnerability
  3. then you will see a time out exception from dongtai-server

  4. and iast unable to detect the vulnerability

    It is recommended to send msg in chunks.

https://github.com/HXSecurity/DongTai/blob/develop/dongtai_protocol/report/log_service.py#L43

Additional Information

No response

Logs

No response