
Example 21 with DatabaseException

use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.

the class Session method open.

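/**
 * Opens the session identified by {@code fileName} and rebuilds the in-memory state from the
 * database.
 *
 * <p>For an HSQLDB database, {@code fileName} is read as an XML configuration file that supplies
 * the session id, name and description; for any other database type it is parsed as the numeric
 * session id. The database is then closed and reopened on {@code fileName}, after which the
 * history entries, the exclusion regexes, the contexts and the per-context parameter parsers and
 * data driven nodes are reloaded.
 *
 * <p>Security note: the exclusion and context regexes, the parser class names and the parser
 * configuration strings are all read back from the session store. A session that was produced
 * elsewhere is untrusted input, so the class names in particular are type-checked before any
 * instance is created.
 *
 * @param fileName the session file (HSQLDB) or the session id as a decimal string (other types)
 * @throws DatabaseException if a database read outside the per-entry try blocks fails
 * @throws IOException declared by the original signature
 * @throws Exception declared by the original signature; e.g. a configuration or number-format
 *     failure while resolving the session id propagates to the caller
 */
protected void open(String fileName) throws DatabaseException, IOException, Exception {
    // TODO extract into db specific classes??
    if (Database.DB_TYPE_HSQLDB.equals(model.getDb().getType())) {
        configuration = new ZapXmlConfiguration(new File(fileName));
        sessionId = configuration.getLong(SESSION_ID);
        sessionName = configuration.getString(SESSION_NAME, "");
        sessionDesc = configuration.getString(SESSION_DESC, "");
    } else {
        this.setSessionId(Long.parseLong(fileName));
    }
    model.getDb().close(false, isCleanUpRequired());
    model.getDb().open(fileName);
    this.fileName = fileName;
    if (View.isInitialised()) {
        // Detach the siteTree model from the Sites tree, to reduce notification changes to the UI while loading
        View.getSingleton().getSiteTreePanel().getTreeSite().setModel(new SiteMap(null, null));
    }
    if (!Constant.isLowMemoryOptionSet()) {
        SiteNode newRoot = new SiteNode(siteTree, -1, Constant.messages.getString("tab.sites"));
        siteTree.setRoot(newRoot);
    }
    // update history reference
    List<Integer> list = model.getDb().getTableHistory().getHistoryIdsOfHistType(getSessionId(), HistoryReference.TYPE_PROXIED, HistoryReference.TYPE_ZAP_USER);
    HistoryReference historyRef = null;
    discardContexts();
    // Load the session urls. These regexes come from the session store, not from the current
    // user's configuration.
    this.setExcludeFromProxyRegexs(sessionUrlListToStingList(model.getDb().getTableSessionUrl().getUrlsForType(RecordSessionUrl.TYPE_EXCLUDE_FROM_PROXY)));
    this.setExcludeFromScanRegexs(sessionUrlListToStingList(model.getDb().getTableSessionUrl().getUrlsForType(RecordSessionUrl.TYPE_EXCLUDE_FROM_SCAN)));
    this.setExcludeFromSpiderRegexs(sessionUrlListToStingList(model.getDb().getTableSessionUrl().getUrlsForType(RecordSessionUrl.TYPE_EXCLUDE_FROM_SPIDER)));
    for (int i = 0; i < list.size(); i++) {
        // ZAP: Removed unnecessary cast.
        int historyId = list.get(i).intValue();
        try {
            historyRef = new HistoryReference(historyId);
            if (View.isInitialised()) {
                // The site tree backs a Swing component, so the insert runs on the event
                // dispatch thread and this thread waits for it to finish.
                final HistoryReference hRef = historyRef;
                final HttpMessage msg = historyRef.getHttpMessage();
                EventQueue.invokeAndWait(new Runnable() {

                    @Override
                    public void run() {
                        SiteNode sn = getSiteTree().addPath(hRef, msg);
                        if (sn != null) {
                            sn.setIncludedInScope(isIncludedInScope(sn), false);
                            sn.setExcludedFromScope(isExcludedFromScope(sn), false);
                        }
                    }
                });
            } else {
                SiteNode sn = getSiteTree().addPath(historyRef);
                if (sn != null) {
                    sn.setIncludedInScope(this.isIncludedInScope(sn), false);
                    sn.setExcludedFromScope(this.isExcludedFromScope(sn), false);
                }
            }
            // ZAP: Load alerts from db
            historyRef.loadAlerts();
            // Give other threads a chance to run once every 100 entries.
            if (i % 100 == 99) {
                Thread.yield();
            }
        } catch (Exception e) {
            // ZAP: Log exceptions
            // A single unreadable entry is logged and skipped; the rest of the session still loads.
            log.warn(e.getMessage(), e);
        }
    }
    // update siteTree reference
    list = model.getDb().getTableHistory().getHistoryIdsOfHistType(getSessionId(), HistoryReference.TYPE_SPIDER, HistoryReference.TYPE_BRUTE_FORCE, HistoryReference.TYPE_SPIDER_AJAX, HistoryReference.TYPE_SCANNER);
    for (int i = 0; i < list.size(); i++) {
        // ZAP: Removed unnecessary cast.
        int historyId = list.get(i).intValue();
        try {
            historyRef = new HistoryReference(historyId);
            if (View.isInitialised()) {
                final HistoryReference hRef = historyRef;
                final HttpMessage msg = historyRef.getHttpMessage();
                EventQueue.invokeAndWait(new Runnable() {

                    @Override
                    public void run() {
                        getSiteTree().addPath(hRef, msg);
                    }
                });
            } else {
                getSiteTree().addPath(historyRef);
            }
            historyRef.loadAlerts();
            if (i % 100 == 99) {
                Thread.yield();
            }
        } catch (Exception e) {
            // ZAP: Log exceptions
            log.warn(e.getMessage(), e);
        }
    }
    // Rebuild the contexts from their stored records; each record carries one attribute.
    List<RecordContext> contextData = model.getDb().getTableContext().getAllData();
    for (RecordContext data : contextData) {
        Context ctx = this.getContext(data.getContextId());
        if (ctx == null) {
            ctx = new Context(this, data.getContextId());
            this.addContext(ctx);
            // Keep the next free index above every context id seen so far.
            if (nextContextIndex <= data.getContextId()) {
                nextContextIndex = data.getContextId() + 1;
            }
        }
        switch(data.getType()) {
            case RecordContext.TYPE_NAME:
                ctx.setName(data.getData());
                if (View.isInitialised() && !ctx.getName().equals(String.valueOf(ctx.getIndex()))) {
                    View.getSingleton().renameContext(ctx);
                }
                break;
            case RecordContext.TYPE_DESCRIPTION:
                ctx.setDescription(data.getData());
                break;
            case RecordContext.TYPE_INCLUDE:
                ctx.addIncludeInContextRegex(data.getData());
                break;
            case RecordContext.TYPE_EXCLUDE:
                ctx.addExcludeFromContextRegex(data.getData());
                break;
            case RecordContext.TYPE_IN_SCOPE:
                ctx.setInScope(Boolean.parseBoolean(data.getData()));
                break;
            case RecordContext.TYPE_INCLUDE_TECH:
                ctx.getTechSet().include(new Tech(data.getData()));
                break;
            case RecordContext.TYPE_EXCLUDE_TECH:
                ctx.getTechSet().exclude(new Tech(data.getData()));
                break;
        }
    }
    for (Context ctx : contexts) {
        try {
            // Set up the URL parameter parser
            List<String> strs = this.getContextDataStrings(ctx.getIndex(), RecordContext.TYPE_URL_PARSER_CLASSNAME);
            if (strs.size() == 1) {
                Class<?> c = ExtensionFactory.getAddOnLoader().loadClass(strs.get(0));
                if (c == null) {
                    log.error("Failed to load URL parser for context " + ctx.getIndex() + " : " + strs.get(0));
                } else {
                    // The class name is session data. asSubclass rejects anything that is not a
                    // ParameterParser with a ClassCastException *before* a constructor runs;
                    // casting the finished instance would only notice after construction.
                    ParameterParser parser = c.asSubclass(ParameterParser.class).getConstructor().newInstance();
                    strs = this.getContextDataStrings(ctx.getIndex(), RecordContext.TYPE_URL_PARSER_CONFIG);
                    if (strs.size() == 1) {
                        parser.init(strs.get(0));
                    }
                    parser.setContext(ctx);
                    ctx.setUrlParamParser(parser);
                }
            }
        } catch (Exception e) {
            log.error("Failed to load URL parser for context " + ctx.getIndex(), e);
        }
        try {
            // Set up the POST parameter parser
            List<String> strs = this.getContextDataStrings(ctx.getIndex(), RecordContext.TYPE_POST_PARSER_CLASSNAME);
            if (strs.size() == 1) {
                Class<?> c = ExtensionFactory.getAddOnLoader().loadClass(strs.get(0));
                if (c == null) {
                    log.error("Failed to load POST parser for context " + ctx.getIndex() + " : " + strs.get(0));
                } else {
                    // Same type check as for the URL parser: verify the type first, construct second.
                    ParameterParser parser = c.asSubclass(ParameterParser.class).getConstructor().newInstance();
                    strs = this.getContextDataStrings(ctx.getIndex(), RecordContext.TYPE_POST_PARSER_CONFIG);
                    if (strs.size() == 1) {
                        parser.init(strs.get(0));
                    }
                    parser.setContext(ctx);
                    ctx.setPostParamParser(parser);
                }
            }
        } catch (Exception e) {
            log.error("Failed to load POST parser for context " + ctx.getIndex(), e);
        }
        try {
            // Set up the Data Driven Nodes
            List<String> strs = this.getContextDataStrings(ctx.getIndex(), RecordContext.TYPE_DATA_DRIVEN_NODES);
            for (String str : strs) {
                ctx.addDataDrivenNodes(new StructuralNodeModifier(str));
            }
        } catch (Exception e) {
            log.error("Failed to load data driven nodes for context " + ctx.getIndex(), e);
        }
        ctx.restructureSiteTree();
    }
    if (View.isInitialised()) {
        // Re-attach the fully loaded model that was detached at the start of the load.
        View.getSingleton().getSiteTreePanel().getTreeSite().setModel(siteTree);
        View.getSingleton().getSiteTreePanel().expandRoot();
    }
    this.refreshScope();
    Stats.clearAll();
    System.gc();
}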
Also used : Context(org.zaproxy.zap.model.Context) RecordContext(org.parosproxy.paros.db.RecordContext) StandardParameterParser(org.zaproxy.zap.model.StandardParameterParser) ParameterParser(org.zaproxy.zap.model.ParameterParser) StructuralNodeModifier(org.zaproxy.zap.model.StructuralNodeModifier) RecordContext(org.parosproxy.paros.db.RecordContext) URIException(org.apache.commons.httpclient.URIException) InvalidParameterException(java.security.InvalidParameterException) IllegalContextNameException(org.zaproxy.zap.model.IllegalContextNameException) IOException(java.io.IOException) DatabaseException(org.parosproxy.paros.db.DatabaseException) InvocationTargetException(java.lang.reflect.InvocationTargetException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) Tech(org.zaproxy.zap.model.Tech) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) HttpMessage(org.parosproxy.paros.network.HttpMessage) File(java.io.File)

Example 22 with DatabaseException

use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.

the class HistoryReference method toString.

/**
 * Returns the display label of this history reference, computing and caching it on first use.
 *
 * <p>If the underlying message cannot be read from the database or its header is malformed, the
 * cached label becomes the empty string; the failure is not logged here.
 */
@Override
public String toString() {
    if (display == null) {
        try {
            display = getDisplay(getHttpMessage());
        } catch (HttpMalformedHeaderException malformedHeader) {
            display = "";
        } catch (DatabaseException dbFailure) {
            display = "";
        }
    }
    return display;
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 23 with DatabaseException

use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.

the class SiteMapPanel method showFilterPlusDialog.

/**
 * Shows the modal history filter dialog and applies the filter unless the user cancels.
 *
 * <p>The tag list offered by the dialog is read from the database; if that read fails the error
 * is logged and the dialog is still shown.
 */
private void showFilterPlusDialog() {
    HistoryFilterPlusDialog filterDialog = getFilterPlusDialog();
    filterDialog.setModal(true);
    try {
        filterDialog.setAllTags(Model.getSingleton().getDb().getTableTag().getAllTags());
    } catch (DatabaseException dbFailure) {
        log.error(dbFailure.getMessage(), dbFailure);
    }
    int choice = filterDialog.showDialog();
    // NOTE(review): this filter is built and scoped but not passed on within this method;
    // setFilter() presumably builds its own - confirm before removing.
    SiteTreeFilter treeFilter = new SiteTreeFilter(filterDialog.getFilter());
    treeFilter.setInScope(this.getScopeButton().isSelected());
    if (choice == JOptionPane.CANCEL_OPTION) {
        return;
    }
    setFilter();
}
Also used : HistoryFilterPlusDialog(org.zaproxy.zap.extension.history.HistoryFilterPlusDialog) SiteTreeFilter(org.zaproxy.zap.view.SiteTreeFilter) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 24 with DatabaseException

use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.

the class ParosTableAlert method getAlertListBySession.

/**
 * Returns the ids of all alerts that belong to the given session.
 *
 * <p>The session id is bound as a statement parameter; the only text concatenated into the SQL
 * is {@code TABLE_NAME}, which is a class constant rather than caller input.
 *
 * @param sessionId the session whose alert ids are wanted
 * @return the alert ids, empty if the session has none
 * @throws DatabaseException if preparing, executing or closing the query fails
 */
@Override
public Vector<Integer> getAlertListBySession(long sessionId) throws DatabaseException {
    final String sql = "SELECT ALERTID FROM " + TABLE_NAME + " INNER JOIN SCAN ON ALERT.SCANID = SCAN.SCANID WHERE SESSIONID = ?";
    try (PreparedStatement psReadSession = getConnection().prepareStatement(sql)) {
        Vector<Integer> alertIds = new Vector<>();
        psReadSession.setLong(1, sessionId);
        try (ResultSet rows = psReadSession.executeQuery()) {
            while (rows.next()) {
                alertIds.add(rows.getInt(ALERTID));
            }
        }
        return alertIds;
    } catch (SQLException e) {
        // Callers only see the database-neutral exception type; the SQL cause is preserved.
        throw new DatabaseException(e);
    }
}
Also used : SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement) Vector(java.util.Vector) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 25 with DatabaseException

use of org.parosproxy.paros.db.DatabaseException in project zaproxy by zaproxy.

the class ParosTableAlert method getAlertsBySourceHistoryId.

/**
 * Returns every alert whose source history id matches {@code historyId}.
 *
 * <p>The method is synchronized because it reuses the shared prepared statement
 * {@code psGetAlertsForHistoryId}; the id is bound as a parameter, not concatenated.
 *
 * @param historyId the source history id to look up
 * @return the matching alerts, empty if there are none
 * @throws DatabaseException if the query fails
 * @see org.parosproxy.paros.db.paros.TableAlert#getAlertsBySourceHistoryId(int)
 */
@Override
public synchronized List<RecordAlert> getAlertsBySourceHistoryId(int historyId) throws DatabaseException {
    try {
        List<RecordAlert> alerts = new ArrayList<>();
        psGetAlertsForHistoryId.setLong(1, historyId);
        try (ResultSet rows = psGetAlertsForHistoryId.executeQuery()) {
            // build(rows) yields one record per call and null once nothing is left.
            for (RecordAlert alert = build(rows); alert != null; alert = build(rows)) {
                alerts.add(alert);
            }
        }
        return alerts;
    } catch (SQLException e) {
        throw new DatabaseException(e);
    }
}
Also used : SQLException(java.sql.SQLException) ArrayList(java.util.ArrayList) ResultSet(java.sql.ResultSet) DatabaseException(org.parosproxy.paros.db.DatabaseException) RecordAlert(org.parosproxy.paros.db.RecordAlert)

Aggregations

DatabaseException (org.parosproxy.paros.db.DatabaseException)153 SQLException (java.sql.SQLException)113 ResultSet (java.sql.ResultSet)61 ArrayList (java.util.ArrayList)28 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)19 PreparedStatement (java.sql.PreparedStatement)11 Session (org.parosproxy.paros.model.Session)11 HttpMessage (org.parosproxy.paros.network.HttpMessage)11 RecordHistory (org.parosproxy.paros.db.RecordHistory)9 RecordAlert (org.parosproxy.paros.db.RecordAlert)7 RecordContext (org.parosproxy.paros.db.RecordContext)7 Vector (java.util.Vector)6 URIException (org.apache.commons.httpclient.URIException)6 IOException (java.io.IOException)5 TableHistory (org.parosproxy.paros.db.TableHistory)5 HistoryReference (org.parosproxy.paros.model.HistoryReference)5 StructuralSiteNode (org.zaproxy.zap.model.StructuralSiteNode)5 Matcher (java.util.regex.Matcher)4 PatternSyntaxException (java.util.regex.PatternSyntaxException)4 JSONException (net.sf.json.JSONException)4