Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG][SIGSEGV] Segmentation fault when user doesn't exist #93

Open
nil0x42 opened this issue Mar 8, 2021 · 2 comments
Open

[BUG][SIGSEGV] Segmentation fault when user doesn't exist #93

nil0x42 opened this issue Mar 8, 2021 · 2 comments
Labels
Bug Something isn't working Target Where the secrets are found
Milestone
Milestone 1

Comments

@nil0x42
Copy link

nil0x42 commented Mar 8, 2021

Issue:

____    __    ____ .______          ___       __  .___________. __    __                                                                                                     
\   \  /  \  /   / |   _  \        /   \     |  | |           ||  |  |  |                                                                                                    
 \   \/    \/   /  |  |_)  |      /  ^  \    |  | `---|  |----`|  |__|  |                                                                                                    
  \            /   |      /      /  /_\  \   |  |     |  |     |   __   |                                                                                                    
   \    /\    /    |  |\  \----./  _____  \  |  |     |  |     |  |  |  |                                                                                                    
    \__/  \__/     | _| `._____/__/     \__\ |__|     |__|     |__|  |__|                                                                                                    
                                                                                                                                                                             
                                                                                                                                                                             
                                                                                                                                                                             
wraith v0.0.6 started at 2021-03-08T16:01:08Z                                                                                                                                
Loaded 0 signatures.                                                                                                                                                         
Web interface available at http://127.0.0.1:9393                                                                                                                             Gathering users...
Unable to collect user <nil>: GET https://api.github.com/users/USER1234567777: 404 Not Found []
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xcf3ac3]

goroutine 1 [running]:
wraith/core.(*Session).addUser(0xc00017c580, 0x0)
        /root/tools/git/wraith/core/github.go:66 +0xe3
wraith/core.GatherUsers(0xc00017c580)
        /root/tools/git/wraith/core/github.go:100 +0x1d9
wraith/cmd.glob..func1(0x1654840, 0xc000128480, 0x0, 0x8)
        /root/tools/git/wraith/cmd/scanGithub.go:52 +0x8e6
github.com/spf13/cobra.(*Command).execute(0x1654840, 0xc000128400, 0x8, 0x8, 0x1654840, 0xc000128400)
        /root/tools/go/pkg/mod/github.com/spf13/[email protected]/command.go:854 +0x2c2
github.com/spf13/cobra.(*Command).ExecuteC(0x16545a0, 0x44736a, 0x15b16c0, 0xc000000180)
        /root/tools/go/pkg/mod/github.com/spf13/[email protected]/command.go:958 +0x375
github.com/spf13/cobra.(*Command).Execute(...)
        /root/tools/go/pkg/mod/github.com/spf13/[email protected]/command.go:895
wraith/cmd.Execute()
        /root/tools/git/wraith/cmd/root.go:22 +0x31
main.main()
        /root/tools/git/wraith/main.go:29 +0x25

Steps to reproduce:

I go this problem by running this command:

wraith scanGithub --num-threads 4 --github-api-token $GITHUB_ACCESS_TOKEN --github-users user1,user2,user3,...

Note: the list of users was large (~100), and the bug was due to the fact that one of the users in the list did not exist anymore.
@mattyjones
Copy link
Collaborator

I will look into this, looking at the above is, it looks like the user was not found, not an issue with wraith. I can look to add some defensive coding around this. There is already a branch looking at adding significant defensive code for exceptions and missing configs. Always happy to take pull requests off the develop branch.

@nil0x42

@mattyjones mattyjones added Bug Something isn't working Target Where the secrets are found labels Mar 28, 2021
@mattyjones mattyjones added this to the Milestone 1 milestone Jul 8, 2022
@mattyjones mattyjones assigned mattyjones and unassigned mattyjones Jul 18, 2022
@shreyas-sriram
Copy link
Contributor

shreyas-sriram commented Sep 6, 2022
edited

The execution needs to continue onto next iteration if user is not found. Otherwise, execution goes to sess.addUser(u) where the segmentation fault is thrown.

wraith/core/github.go

Lines 95 to 102 in 5efcf84

if err != nil {
sess.Out.Error("Unable to collect user %s: %s\n", u, err)
}
// Add the user to the session and increment the user count
sess.addUser(u)
sess.Stats.IncrementUsers()
sess.Out.Debug("Added user %s\n", *u.Login)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Something isn't working Target Where the secrets are found
Projects
Wraith Project Board
Status: 📋 Backlog
Milestone
Milestone 1
Development

No branches or pull requests
3 participants
@mattyjones @nil0x42 @shreyas-sriram