nmap scan causes null pointer exception

[pwhittin]

Site Commit Hash: a696e48c36e29e0225088e0c7de0358e1fa36a35

Executing the following:

nmap -A -v -v localhost

on a Linux machine running site-server causes a null pointer exception.

See the attached log file site-server.log.

Steps to reproduce:

1. Start a clean site instance by following the steps in README.adoc (i.e., bin/site-server).
2. Execute nmap command, and wait for a short period of time.

[samrose]

@pwhittin @malcolmsparks cannot recreate. When running site locally, and running the command above, my output is

 nmap -A -v -v localhost
Starting Nmap 7.92 ( https://nmap.org ) at 2022-09-03 15:25 EDT
NSE: Loaded 155 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Initiating Ping Scan at 15:25
Scanning localhost (127.0.0.1) [2 ports]
Completed Ping Scan at 15:25, 0.00s elapsed (1 total hosts)
Initiating Connect Scan at 15:25
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 8001/tcp on 127.0.0.1
Discovered open port 2021/tcp on 127.0.0.1
Completed Connect Scan at 15:25, 0.01s elapsed (1000 total ports)
Initiating Service scan at 15:25
Scanning 2 services on localhost (127.0.0.1)
Completed Service scan at 15:25, 11.06s elapsed (2 services on 1 host)
NSE: Script scanning 127.0.0.1.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.30s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.01s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Nmap scan report for localhost (127.0.0.1)
Host is up, received conn-refused (0.000019s latency).
Scanned at 2022-09-03 15:25:26 EDT for 11s
Not shown: 998 closed tcp ports (conn-refused)
PORT     STATE SERVICE  REASON  VERSION
2021/tcp open  http     syn-ack Jetty 9.4.44.v20210927
|_http-title: Site doesn't have a title (text/plain;charset=utf-8).
|_http-server-header: Jetty(9.4.44.v20210927)
| http-methods:
|   Supported Methods: GET HEAD POST OPTIONS PUT
|_  Potentially risky methods: PUT
8001/tcp open  java-rmi syn-ack Java RMI
| rmi-dumpregistry:
|   jmxrmi
|     javax.management.remote.rmi.RMIServerImpl_Stub
|     @127.0.1.1:37997
|     extends
|       java.rmi.server.RemoteStub
|       extends
|_        java.rmi.server.RemoteObject

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Read data files from: /nix/store/b78v66zss99dbjc16fav6gi1ppwjsxgc-nmap-7.92/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.74 seconds

[pwhittin]

I just did a git clone of site (version 429efcd717fbc7a17f1eb20ca5b964b1915ad34a), and I configured it:

1. Copied site/etc/config.edn into my ~/.config/site directory
2. Removed the existing ~/.local/share/site/

Next I executed the following:

bin/site-server 2>&1 | tee site-server.log

See the attached site-server.log file.

Next I executed the following:

nmap -A -v -v localhost 2>&1 | tee nmap.log

See the attached nmap.log file.

Within the file site-server.log note the following lines:

2022-09-06 08:33:02.009:WARN:oejs.HttpChannel:qtp1492187284-23: /
java.lang.NullPointerException: Cannot invoke "java.lang.CharSequence.length()" because "this.text" is null
    at java.base/java.util.regex.Matcher.getTextLength(Matcher.java:1769)
    at java.base/java.util.regex.Matcher.reset(Matcher.java:415)
    at java.base/java.util.regex.Matcher.<init>(Matcher.java:252)
    at java.base/java.util.regex.Pattern.matcher(Pattern.java:1134)
    at clojure.core$re_matcher.invokeStatic(core.clj:4881)
    at clojure.core$re_matcher.invoke(core.clj:4874)
    at juxt.reap.alpha.regex$input.invokeStatic(regex.clj:75)
    at juxt.reap.alpha.regex$input.invoke(regex.clj:74)
    at juxt.site.alpha.handler$wrap_initialize_request$fn__24906.invoke(handler.clj:1057)
    at juxt.site.alpha.handler$wrap_healthcheck$fn__24933.invoke(handler.clj:1153)
    at juxt.site.alpha.handler$wrap_ring_1_adapter$fn__24914.invoke(handler.clj:1107)
    at ring.adapter.jetty$proxy_handler$fn__8456.invoke(jetty.clj:27)
    at ring.adapter.jetty.proxy$org.eclipse.jetty.server.handler.AbstractHandler$ff19274a.handle(Unknown Source)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
    at org.eclipse.jetty.server.Server.handle(Server.java:516)
    at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)
    at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
    at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:137)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
    at java.base/java.lang.Thread.run(Thread.java:833)

I've attached the following files:

• git.log, showing the result of executing git log | head
• nmap.log, showing the output of nmap -A -v -v localhost
• site-server.log, showing the output of site-server
• system.log, showing information about the Linux system hosting site and nmap

git.log nmap.log site-server.log system.log