search

OpticFusion1 / MCAntiMalware

Anti-Malware for minecraft
https://www.spigotmc.org/resources/spigot-anti-malware-detects-over-200-malicious-plugins.64982/
GNU General Public License v3.0
293 stars 29 forks source link

[BUG] SQLite exception #522

Closed SlimeDog closed 2 years ago

SlimeDog commented 2 years ago

Describe the bug A clear and concise description of what the bug is.

$ java -version
java version "17.0.2" 2022-01-18 LTS
Java(TM) SE Runtime Environment (build 17.0.2+8-LTS-86)
Java HotSpot(TM) 64-Bit Server VM (build 17.0.2+8-LTS-86, mixed mode, sharing)
$ java -jar MCAntiMalware-13.3 --printNotInfectedMessages false --scanFile /tmp/PowerNBT-1.1.0.jar 
[AntiMalware] [09:40:46] [INFO]: Using locale en
[AntiMalware] [09:40:46] [INFO]: Initializing
[AntiMalware] [09:40:46] [INFO]: Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server 
org.sqlite.SQLiteException: [SQLITE_CORRUPT]  The database disk image is malformed (database disk image is malformed)
    at org.sqlite.core.DB.newSQLException(DB.java:1030)
    at org.sqlite.core.DB.newSQLException(DB.java:1042)
    at org.sqlite.core.DB.throwex(DB.java:1007)
    at org.sqlite.core.NativeDB.prepare_utf8(Native Method)
    at org.sqlite.core.NativeDB.prepare(NativeDB.java:137)
    at org.sqlite.core.DB.prepare(DB.java:257)
    at org.sqlite.core.CorePreparedStatement.<init>(CorePreparedStatement.java:45)
    at org.sqlite.jdbc3.JDBC3PreparedStatement.<init>(JDBC3PreparedStatement.java:30)
    at org.sqlite.jdbc4.JDBC4PreparedStatement.<init>(JDBC4PreparedStatement.java:25)
    at org.sqlite.jdbc4.JDBC4Connection.prepareStatement(JDBC4Connection.java:35)
    at org.sqlite.jdbc3.JDBC3Connection.prepareStatement(JDBC3Connection.java:241)
    at org.sqlite.jdbc3.JDBC3Connection.prepareStatement(JDBC3Connection.java:205)
    at optic_fusion1.antimalware.database.Database.get(Database.java:200)
    at optic_fusion1.antimalware.database.Database.getBlacklistedClasspaths(Database.java:72)
    at optic_fusion1.antimalware.check.CacheContainer.<init>(CacheContainer.java:56)
    at optic_fusion1.antimalware.AntiMalware.init(AntiMalware.java:67)
    at optic_fusion1.antimalware.AntiMalware.run(AntiMalware.java:61)
[AntiMalware] [09:40:46] [INFO]: Registering checks
[AntiMalware] [09:40:46] [INFO]: Finished registering checks
java.lang.NullPointerException: Cannot invoke "java.util.HashSet.contains(Object)" because "this.blacklistedFileNames" is null
    at optic_fusion1.antimalware.check.CacheContainer.containsBlacklistedFileName(CacheContainer.java:182)
    at optic_fusion1.antimalware.scanner.Scanner.scanFile(Scanner.java:171)
    at optic_fusion1.antimalware.scanner.Scanner.run(Scanner.java:100)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    at java.base/java.lang.Thread.run(Thread.java:833)

To Reproduce Steps to reproduce the behavior:

  1. Download https://www.spigotmc.org/resources/powernbt.9098/ version 1.1.0
  2. Run MCA per above

Expected behavior A clear and concise description of what you expected to happen. For other plugins, output looks like

[AntiMalware] [09:47:11] [INFO]: Using locale en
[AntiMalware] [09:47:11] [INFO]: Initializing
[AntiMalware] [09:47:11] [INFO]: Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server 
[AntiMalware] [09:47:11] [INFO]: Registering checks
[AntiMalware] [09:47:11] [INFO]: Finished registering checks
Remaining files to scan: 0
OpticFusion1 commented 2 years ago

fuck

OpticFusion1 commented 2 years ago

Checked with 13.3 and I didn't run into this issue.

SlimeDog commented 2 years ago

I am running 13.3. What other information can I provide?

Janmm14 commented 2 years ago

Maybe the antimalware database file he has is corrupted?

SlimeDog commented 2 years ago

Deleted AntiMalware/* SQLite corruption is gone. Now I get

[AntiMalware] [07:17:08] [INFO]: Using locale en
[AntiMalware] [07:17:08] [INFO]: Initializing
[AntiMalware] [07:17:08] [INFO]: Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server 
[AntiMalware] [07:17:08] [INFO]: Registering checks
[AntiMalware] [07:17:08] [INFO]: Finished registering checks
[AntiMalware] [07:17:08] [SEVERE]: Failed to set config section Key: powernbt. Value: {description=use nbt commands (silent mode), usage=/nbt. ... use [Tab] key for help, permission=powernbt.use, aliases=[pnbt., nbt.]}
Remaining files to scan: 0

caused by error in plugin.yml

$ cat plugin.yml 
name: PowerNBT
description: Powerful nbt editor for bukkit
author: DPOH-VAR
main: me.dpohvar.powernbt.PowerNBT
website: https://github.com/flinbein/powernbt
version: 1.0.2
softdepend:
    - VarScript
commands:
    powernbt:
        description: use nbt commands
        usage: /nbt ... use [Tab] key for help
        permission: powernbt.use
        aliases:
            - pnbt
            - nbt
    powernbt.:
        description: use nbt commands (silent mode)
        usage: /nbt. ... use [Tab] key for help
        permission: powernbt.use
        aliases:
            - pnbt.
            - nbt.
OpticFusion1 commented 2 years ago

Maybe the antimalware database file he has is corrupted?

No? I ran the Anti-Malware and it ran fine. It's possible the database that's built-in to the jar is corrupted though.

OpticFusion1 commented 2 years ago

Deleted AntiMalware/* SQLite corruption is gone. Now I get

[AntiMalware] [07:17:08] [INFO]: Using locale en
[AntiMalware] [07:17:08] [INFO]: Initializing
[AntiMalware] [07:17:08] [INFO]: Any bugs and/or false-positives should be reported either on the GitHub repo, plugin discussion page, or on the discord server 
[AntiMalware] [07:17:08] [INFO]: Registering checks
[AntiMalware] [07:17:08] [INFO]: Finished registering checks
[AntiMalware] [07:17:08] [SEVERE]: Failed to set config section Key: powernbt. Value: {description=use nbt commands (silent mode), usage=/nbt. ... use [Tab] key for help, permission=powernbt.use, aliases=[pnbt., nbt.]}
Remaining files to scan: 0

caused by error in plugin.yml

$ cat plugin.yml 
name: PowerNBT
description: Powerful nbt editor for bukkit
author: DPOH-VAR
main: me.dpohvar.powernbt.PowerNBT
website: https://github.com/flinbein/powernbt
version: 1.0.2
softdepend:
    - VarScript
commands:
    powernbt:
        description: use nbt commands
        usage: /nbt ... use [Tab] key for help
        permission: powernbt.use
        aliases:
            - pnbt
            - nbt
    powernbt.:
        description: use nbt commands (silent mode)
        usage: /nbt. ... use [Tab] key for help
        permission: powernbt.use
        aliases:
            - pnbt.
            - nbt.

This is pretty much harmless. The yml itself however does seem to have issues though, i.e. .'s where there shouldn't be.

SlimeDog commented 2 years ago

OK. I posted an issue on his Github. Thanks.