search

blst-security / cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
https://www.blstsecurity.com/cherrybomb
Apache License 2.0
1.08k stars 78 forks source link

thread 'main' panicked, called `Option::unwrap()` on a `None` value #146

Open abnair24 opened 8 months ago

abnair24 commented 8 months ago

Describe the bug On running cherrybomb with openapi.json, below error is observed

Starting Cherrybomb... Opening OAS file... Reading OAS file... Parsing OAS file... Running active scan... thread 'main' panicked at cherrybomb-engine/src/scan/active/http_client/req.rs:86:53: called Option::unwrap() on a None value

To Reproduce Steps to reproduce the behavior:

  1. Run cherrybomb -f openapi.json --profile=full

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

Additional context Add any other context about the problem here.

DeliciousBounty commented 8 months ago

Hello, @abnair24! Could you please provide your OAS file? There appears to be a problem with it. I will check that.

abnair24 commented 7 months ago

@DeliciousBounty , I cant share the OAS as its restricted to company environment. Also file is throwing any issue in any of spec validators.

DeliciousBounty commented 7 months ago

@abnair24 There is a server section in the file?