search

zaproxy / zaproxy

The ZAP by Checkmarx Core project
https://www.zaproxy.org
Apache License 2.0
12.69k stars 2.26k forks source link

Job spiderAjax fails with no parameters: unsupported format in excluded elements: java.lang.NullPointerException #7889

Closed AndreyMZ closed 1 year ago

AndreyMZ commented 1 year ago

Describe the bug

See below.

Steps to reproduce the behavior

cat <<EOF > config.yaml
env:
  contexts:
    - name: my_context
      urls:
        - https://example.com/
jobs:
  - type: spiderAjax
EOF
cat config.yaml | docker run --rm --interactive -- owasp/zap2docker-stable:2.12.0 zap.sh -cmd -addonupdate -autorun /dev/stdin

Actual result:

$ cat config.yaml | docker run --rm --interactive -- owasp/zap2docker-stable:2.12.0 zap.sh -cmd -addonupdate -autorun /dev/stdin
Found Java version 11.0.18
Available memory: 15799 MB
Using JVM args: -Xmx3949m
2247 [main] INFO  org.parosproxy.paros.Constant - Copying default configuration to /home/zap/.ZAP/config.xml
2813 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/session
2814 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/dirbuster
2814 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/fuzzers
2814 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/plugin
Jun 02, 2023 2:33:24 PM java.util.prefs.FileSystemPreferences$1 run
INFO: Created user preferences directory.
Add-on downloaded to: /home/zap/.ZAP/plugin/domxss-release-15.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/retire-release-0.23.0.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/formhandler-beta-6.3.0.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/spiderAjax-release-23.14.0.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/graphql-alpha-0.16.0.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/webdriverlinux-release-56.zap
Add-on downloaded to: /home/zap/.ZAP/plugin/selenium-release-15.12.1.zap
Add-on update check complete
Job spiderAjax unsupported format in excluded elements: java.lang.NullPointerException
Automation plan failures:
        Job spiderAjax unsupported format in excluded elements: java.lang.NullPointerException

Expected behavior

No such error.

Software versions

$ docker run --rm -- owasp/zap2docker-stable:2.12.0 zap.sh -cmd -addonupdate -suppinfo
Found Java version 11.0.18
Available memory: 15799 MB
Using JVM args: -Xmx3949m
443 [main] INFO  org.parosproxy.paros.Constant - Copying default configuration to /home/zap/.ZAP/config.xml
537 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/session
537 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/dirbuster
538 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/fuzzers
538 [main] INFO  org.parosproxy.paros.Constant - Creating directory /home/zap/.ZAP/plugin
Jun 02, 2023 2:44:57 PM java.util.prefs.FileSystemPreferences$1 run
INFO: Created user preferences directory.
OWASP ZAP
Version: 2.12.0
Installed Add-ons: [[id=alertFilters, version=15.0.0], [id=ascanrules, version=54.0.0], [id=automation, version=0.28.0], [id=bruteforce, version=12.0.0], [id=callhome, version=0.6.0], [id=commonlib, version=1.14.0], [id=database, version=0.1.0], [id=diff, version=12.0.0], [id=directorylistv1, version=5.0.0], [id=domxss, version=14.0.0], [id=encoder, version=1.1.0], [id=exim, version=0.5.0], [id=formhandler, version=6.2.1], [id=fuzz, version=13.9.0], [id=gettingStarted, version=14.0.0], [id=graaljs, version=0.3.0], [id=graphql, version=0.15.0], [id=help, version=15.0.0], [id=hud, version=0.16.0], [id=invoke, version=12.0.0], [id=network, version=0.8.0], [id=oast, version=0.15.0], [id=onlineMenu, version=10.0.0], [id=openapi, version=33.0.0], [id=pscanrules, version=48.0.0], [id=quickstart, version=37.0.0], [id=replacer, version=12.0.0], [id=reports, version=0.20.0], [id=requester, version=7.2.0], [id=retest, version=0.5.0], [id=retire, version=0.22.0], [id=reveal, version=5.0.0], [id=scripts, version=38.0.0], [id=selenium, version=15.11.0], [id=soap, version=17.0.0], [id=spider, version=0.4.0], [id=spiderAjax, version=23.13.1], [id=tips, version=10.0.0], [id=webdriverlinux, version=55.0.0], [id=websocket, version=28.0.0], [id=zest, version=38.0.0]]
Operating System: Linux
Architecture: amd64
Java Version: Debian 11.0.18
System's Locale: en
Display Locale: en_GB
Format Locale: en_GB
Default Charset: UTF-8
ZAP Home Directory: /home/zap/.ZAP/
ZAP Installation Directory: /zap/./
Look and Feel: Metal (javax.swing.plaf.metal.MetalLookAndFeel)

Screenshots

No response

Errors from the zap.log file

2023-06-02 14:12:31,265 [main ] ERROR CommandLine - Job spiderAjax unsupported format in excluded elements: java.lang.NullPointerException

Additional context

Most probably this bug was introduced by https://github.com/zaproxy/zap-extensions/commit/45246cececb8c432d8d090ac530babf397809a81.

Would you like to help fix this issue?

github-actions[bot] commented 1 year ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.