Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NullReferenceException on creation of the Runner #139

Closed
ostridm opened this issue Dec 15, 2022 · 0 comments · Fixed by #140
Closed

NullReferenceException on creation of the Runner #139

ostridm opened this issue Dec 15, 2022 · 0 comments · Fixed by #140
Assignees
@ostridm
Labels
Type: bug Something isn't working

Comments

@ostridm
Copy link
Contributor

ostridm commented Dec 15, 2022
edited by derevnjuk
Loading

Environment:
.NET 7.0, SecTester packages of versions: [0.33.2, 0.33.4]

Precondition:
Create a Bright API key with all available scopes.
Put created API key under BRIGTH_TOKEN env variable.

Eaxampe

    [Fact]
    public async Task Post_BrokencrystalsApiMetadata_ShouldHaveXxe()
    {
        var config = new Configuration("hotel.playground.brightsec.com", logLevel: LogLevel.Trace);
        var runner = SecRunner.Create(config);
        await runner.Init();

        var content = new StringContent(@"<?xml version=""1.0"" encoding=""UTF-8""?><!DOCTYPE replace [<!ENTITY xxe SYSTEM ""file:///etc//passwd""> ]><xxe_trigger>&xxe;</xxe_trigger><child></child>", Encoding.Default, "text/xml");
        var headers = new Dictionary<string, IEnumerable<string>>
        {
            { "Accept", new[] { "application/json", "text/plain", "*/*" } },
            { "Accept-Encoding", new[] { "identity" } },
        };
        var target = new Target("https://qa.brokencrystals.com/api/metadata")
            .WithMethod(HttpMethod.Post)
            .WithBody(content)
            .WithHeaders(headers);
        var builder = new ScanSettingsBuilder()
            .WithTests(new List<TestType> { TestType.Xxe });

        await runner
            .CreateScan(builder)
            .Threshold(Severity.Medium)
            .Run(target);
        
        await runner.DisposeAsync();
    }

Actual result:
System.NullReferenceException raised

Expected result:
Test is able to start
@ostridm ostridm added the Type: bug Something isn't working label Dec 15, 2022
@ostridm ostridm self-assigned this Dec 15, 2022
ostridm added a commit that referenced this issue Dec 15, 2022
@ostridm
fix(runner): add ability to load credentials in Create method
8ac37ca 
closes #139
@ostridm ostridm mentioned this issue Dec 15, 2022
Merged
ostridm added a commit that referenced this issue Dec 16, 2022
@ostridm
fix(runner): add ability to load credentials in Create method
76238ed 
adjust according to code review
#140 (comment)
#140 (comment)

closes #139
ostridm added a commit that referenced this issue Dec 16, 2022
@ostridm
fix(runner): add ability to load credentials in Create method
59cee85 
closes #139
ostridm added a commit that referenced this issue Dec 16, 2022
@ostridm
fix(runner): add ability to load credentials in Create method
3429b11 
adjust according to code review
#140 (comment)
#140 (comment)

closes #139
derevnjuk pushed a commit that referenced this issue Dec 16, 2022
@ostridm
fix(runner): load credentials before creating a composite root (#140)
10bc306 
closes #139
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ostridm ostridm

Labels
Type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(runner): load credentials before creating a composite root NeuraLegion/sectester-net
1 participant
@ostridm