ffuf / ffuf

Fast web fuzzer written in Go
MIT License

ffuf panic runtime error crash #264

Closed marcopolo157 closed 4 years ago

marcopolo157 commented 4 years ago

ffuf will crash if the server returns:

HTTP/1.1 304 Not Modified
Date: Thu, 16 Jul 2020 14:09:54 GMT
Content-Length: 0
Connection: close
Server: nginx
X-Gateway-Host: e41c18f32e0096938627f3a9d509564c5066afdc6efb8e00d453044ab9818d77921c136cfa3ea867019d1f2729e823d6
X-Backend-Host: 0481:10089

stack trace:

panic: runtime error: index out of range [0] with length 0

goroutine 7 [running]:
github.com/ffuf/ffuf/pkg/ffuf.(*Response).GetRedirectLocation(0xc0000f3d70, 0xc000085100, 0x831d18, 0x4)
    /home/joona/go/src_old/github.com/ffuf/ffuf/pkg/ffuf/response.go:27 +0x17c
github.com/ffuf/ffuf/pkg/output.(*Stdoutput).Result(0xc0000922c0, 0x130, 0xc000085170, 0xc0001c0000, 0x0, 0x200, 0x0, 0x1, 0x1, 0x0, ...)
    /home/joona/go/src_old/github.com/ffuf/ffuf/pkg/output/stdout.go:236 +0x1c9
github.com/ffuf/ffuf/pkg/ffuf.(*Job).runTask(0xc0000f0000, 0xc000110030, 0x1, 0x0)
    /home/joona/go/src_old/github.com/ffuf/ffuf/pkg/ffuf/job.go:277 +0x43e
github.com/ffuf/ffuf/pkg/ffuf.(*Job).startExecution.func1(0xc00010e000, 0xc000016100, 0xc0000f0000, 0xc000110030, 0x1)
    /home/joona/go/src_old/github.com/ffuf/ffuf/pkg/ffuf/job.go:145 +0xd0
created by github.com/ffuf/ffuf/pkg/ffuf.(*Job).startExecution
    /home/joona/go/src_old/github.com/ffuf/ffuf/pkg/ffuf/job.go:142 +0x16d

Command used:

./ffuf -w fuzz.txt -u "https://host/FUZZ" -mc all -o output.json -of json

gehaxelt commented 4 years ago

Same happened to me :+1:

bsysop commented 4 years ago

Hi @gehaxelt and @marcopolo157

Do you have a scenario in which it always happens, easy to reproduce and debug?

joohoi commented 4 years ago

I was able to reproduce the issue, and to fix it. Thanks for bringing it up!
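
The failure mode reported in this thread, as an added example that is not ffuf's code and not part of any comment above: a redirect-location lookup that indexes the `Location` header slice for every 3xx status panics on a 304, and a length check avoids it. The `response` type and the function names are hypothetical, the direct indexing is an assumption drawn from the panic message, and the sample responses are constructed.

```go
package main

import "fmt"

// response is a hypothetical stand-in for a fuzzer's response record
// (not ffuf's own type): a status code plus the raw header map.
type response struct {
	StatusCode int
	Headers    map[string][]string
}

// unsafeLocation assumes every 3xx response carries a Location header.
// Indexing [0] on a missing key's nil slice panics with
// "index out of range [0] with length 0".
func unsafeLocation(r response) string {
	if r.StatusCode >= 300 && r.StatusCode <= 399 {
		return r.Headers["Location"][0]
	}
	return ""
}

// safeLocation treats the header as optional: 304 Not Modified is a 3xx
// status that normally has no Location header.
func safeLocation(r response) string {
	if r.StatusCode < 300 || r.StatusCode > 399 {
		return ""
	}
	if loc := r.Headers["Location"]; len(loc) > 0 {
		return loc[0]
	}
	return ""
}

// panics reports whether f panicked, so the crash can be observed safely.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	// Constructed samples; the 304 is modelled on the response in the report.
	notModified := response{StatusCode: 304, Headers: map[string][]string{"Content-Length": {"0"}, "Server": {"nginx"}}}
	moved := response{StatusCode: 301, Headers: map[string][]string{"Location": {"/login"}}}
	fmt.Println(panics(func() { unsafeLocation(notModified) })) // true
	fmt.Printf("%q %q\n", safeLocation(notModified), safeLocation(moved)) // "" "/login"
}
```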