modzero / burp-ResponseClusterer

Burp plugin that clusters responses to show an overview of received responses

AttributeError: 'NoneType' object has no attribute 'getFile' #3

Open fenceposterror opened 5 years ago

fenceposterror commented 5 years ago

Hi,

I occasionally get this error:

Traceback (most recent call last):
  File "/home/user/.BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py", line 249, in processHttpMessage
    if '.' in iRequestInfo.getUrl().getFile() and iRequestInfo.getUrl().getFile().split('.')[-1] in self.uninteresting_url_file_extensions:
AttributeError: 'NoneType' object has no attribute 'getFile'

    at org.python.core.Py.AttributeError(Py.java:205)
    at org.python.core.PyObject.noAttributeError(PyObject.java:1013)
    at org.python.core.PyObject.__getattr__(PyObject.java:1008)
    at org.python.pycode._pyx4.processHttpMessage$9(/home/user/.BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py:275)
    at org.python.pycode._pyx4.call_function(/home/user/.BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:167)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:307)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:198)
    at org.python.core.PyFunction.__call__(PyFunction.java:482)
    at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
    at org.python.core.PyMethod.__call__(PyMethod.java:228)
    at org.python.core.PyMethod.__call__(PyMethod.java:218)
    at org.python.core.PyMethod.__call__(PyMethod.java:213)
    at org.python.core.PyObject._jcallexc(PyObject.java:3626)
    at org.python.core.PyObject._jcall(PyObject.java:3658)
    at org.python.proxies.__main__$BurpExtender$0.processHttpMessage(Unknown Source)
    at burp.an3.run(Unknown Source)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)

I assume this could be easily fixed by prepending an `iRequestInfo.getUrl().getFile() and` in the if statement. Unfortunately, I can't reproduce the error, since I don't know which of the requests actually triggered it. 👎

floyd-fuh commented 5 years ago

This doesn't mean the extension is not running properly. This just means that the single invocation will lead to an exception, meaning we return early from processHttpMessage. And the fix I would implement would return early from processHttpMessage, just without printing the exception. So same same but different. However, it's not worth touching the code and pushing a new version just to not print an exception (I'll do it in a future release when I touch the code anyway).

What I wonder more is why getUrl() would return None at all. Because I call analyzeRequest with an argument of IHttpRequestResponse, which is the original object provided by the Burp API. It should have an IHttpService. My best bet is that you have an extension that breaks the request so that it's not possible to determine the URL. For example, what would a request line of GET /threeSpaces /isBad HTTP/1.1 mean? You can send that, but the server should return 400 for that.

Sidenote: I would understand if it would return None if we would just pass it a byte[] request, but that's not what's happening here. Because if that's the case, the IHttpService object is missing, therefore Burp can't know if this request was sent via HTTP or HTTPS and also can't be sure that the HTTP host header actually corresponds to where the TCP/IP connection is going to. Therefore, Burp wouldn't be able to decide if it is an http:// or https:// URL.

Btw, we need to check that iRequestInfo.getUrl() is not None, not iRequestInfo.getUrl().getFile().
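The guard described in the last comment, written out as an added example (not code from the thread or from the extension): the check is made on the result of getUrl() itself, and the unguarded form from the traceback is kept beside it for comparison. It goes one step beyond the thread by dropping the query string, since java.net.URL.getFile() returns the path plus the query. Assumptions: FakeUrl and FakeRequestInfo are constructed stand-ins for java.net.URL and Burp's IRequestInfo, and the function names and extension list are hypothetical.

```python
# Added example. FakeUrl and FakeRequestInfo are constructed stand-ins for
# java.net.URL and Burp's IRequestInfo so the logic runs outside Burp/Jython.

UNINTERESTING_EXTENSIONS = {"js", "css", "png"}  # constructed sample list


class FakeUrl(object):
    def __init__(self, path, query=None):
        self._path, self._query = path, query

    def getFile(self):
        # java.net.URL.getFile() returns the path plus "?query" when present
        if self._query is None:
            return self._path
        return self._path + "?" + self._query


class FakeRequestInfo(object):
    def __init__(self, url):
        self._url = url

    def getUrl(self):
        return self._url  # None models the case from the traceback


def has_uninteresting_extension(request_info, extensions=UNINTERESTING_EXTENSIONS):
    """Return True/False for a parsed URL, None when no URL is available."""
    url = request_info.getUrl()
    if url is None:
        # Guard the getUrl() result itself; the caller can return early quietly.
        return None
    path = url.getFile().split("?", 1)[0]  # drop the query string
    name = path.rsplit("/", 1)[-1]         # last path segment only
    if "." not in name:
        return False
    return name.rsplit(".", 1)[-1] in extensions


def unguarded_check(request_info, extensions=UNINTERESTING_EXTENSIONS):
    # Same shape as the line in the traceback: fails when getUrl() is None.
    f = request_info.getUrl().getFile()
    return "." in f and f.split(".")[-1] in extensions
```

A caller in processHttpMessage would treat a None result as "skip this message" and return without logging a traceback.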