Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add error handling for when zap is not installed #223

Merged
merged 1 commit into from
Oct 9, 2024
Merged

Conversation

sfowl
Copy link
Collaborator

@sfowl sfowl commented Oct 9, 2024

Before:

$ ./rapidast.py --config config.yaml
INFO:Next scanner: 'zap'
INFO:Preparing ZAP configuration
INFO:ZAP NOT configured with any authentication
INFO:Saved Automation Framework in /tmp/rapidast_zap_4b_ulssd/workdir/af.yaml
INFO:Running up the ZAP scanner on the host
INFO:Zap: verifying the viability of ZAP
Traceback (most recent call last):
  File "/home/sfowler/code/rapidast/./rapidast.py", line 223, in <module>
    run()
  File "/home/sfowler/code/rapidast/./rapidast.py", line 208, in run
    ret = run_scanner(name, config, args, scan_exporter)
  File "/home/sfowler/code/rapidast/./rapidast.py", line 100, in run_scanner
    scanner.run()
  File "/home/sfowler/code/rapidast/scanners/zap/zap_none.py", line 107, in run
    self._check_plugin_status()
  File "/home/sfowler/code/rapidast/scanners/zap/zap_none.py", line 286, in _check_plugin_status
    result = subprocess.run(command, check=False, capture_output=True)
  File "/usr/lib64/python3.9/subprocess.py", line 505, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib64/python3.9/subprocess.py", line 951, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/usr/lib64/python3.9/subprocess.py", line 1837, in _execute_child
    raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'zap.sh'

After:

$ ./rapidast.py --config config.yaml
INFO:Next scanner: 'zap'
INFO:Preparing ZAP configuration
INFO:ZAP NOT configured with any authentication
INFO:Saved Automation Framework in /tmp/rapidast_zap_brlvwf_w/workdir/af.yaml
INFO:Running up the ZAP scanner on the host
INFO:Zap: verifying the viability of ZAP
ERROR:zap.sh not found in PATH, is ZAP installed?

shutil.which() also does not depend on which being installed, e.g.

 # which curl
bash: which: command not found
# python3 -c 'import shutil; print(shutil.which("curl"))'
/usr/bin/curl

@sfowl sfowl requested review from cedricbu and jeremychoi October 9, 2024 01:38
Copy link
Collaborator

@jeremychoi jeremychoi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@sfowl sfowl merged commit 475b6e3 into development Oct 9, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants