Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Extender: isEnable called without proper context

Michal | Last updated: Aug 12, 2015 09:55PM UTC

Hi, While writing new extension (IMessageEditorTabFactory) I've encountered a small bug. Code is available here: https://raw.githubusercontent.com/carstein/burp-extensions/master/Argonaut.py While loading extension I get NullPointerException but later on extension works fine. It seems to me that problem lies in line 64: req = self._helpers.analyzeRequest(self._controller.getRequest()) Apparently isEnable() is called without proper controller or context because it returns null (my guess). Tested on burp pro 1.6.24 (funny, it does not appear on 1.6.01 free). Rgds. carstein

PortSwigger Agent | Last updated: Aug 13, 2015 08:55AM UTC

This is strange as I just ran your code on 1.6.24 and didn't see any exceptions. I can see the Argonaut tab showing in the message editor for responses. Maybe you can do some checks for every value you deference to see what exactly is null?

Burp User | Last updated: Aug 18, 2015 10:16AM UTC

New version wrapped this block in try/except so maybe you've hit it. Let me test it some more and I will return full stacktrace if I encounter it. Rgds. MM

PortSwigger Agent | Last updated: Aug 18, 2015 10:35AM UTC

Thanks for the update. We've reproduced this behavior now. One situation that it arises is during startup when Burp constructs some message editors for things like the site map and proxy history views, and then adds your extension's custom tab to them. At this stage, the editors are not displaying anything, so the controller returns null from getRequest() and getResponse(). It's not completely clear whether this is a bug, as opposed to an edge case where we just need to establish the right contract and maybe document it. On the one hand, we could make Burp stop calling isEnabled() in this situation, and just decide not to show your tab. On the other hand, we could call isEnabled() and let your extension decide whether to show the tab in cases where no message is showing (the current behavior). I think I probably favor the latter, because this lets extension authors decide to always dispay their tab even when no message is shown (like Burp does for the native Raw and Hex tabs). WIth this contract, the extension would need to guard against no message being displayed and handle it accordingly. We can maybe update the API documentation to make this possibility explicit, if that would help others in this situation. Let us know your thoughts - thanks.

Burp User | Last updated: Aug 19, 2015 04:28PM UTC

Hey again, Run some tests today: - Burpsuite pro 1.6.24 - Jython 2.7 stable This is current isEnable() implementation snippet: 68 raw_req = self._controller.getRequest() 69 print id(self), type(raw_req) 70 req = self._helpers.analyzeRequest(raw_req) Shortly after loading module on clean burp (nothing in history): 2 <type 'NoneType'> 3 <type 'array.array'> Relevant stacktrace: java.lang.NullPointerException: Request cannot be null at burp.x1c.analyzeRequest(Unknown Source) at burp.x1c.analyzeRequest(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:186) at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:204) at org.python.core.PyObject.__call__(PyObject.java:420) at org.python.core.PyObject.__call__(PyObject.java:424) at org.python.core.PyMethod.__call__(PyMethod.java:136) at org.python.pycode._pyx1.isEnabled$8(XXX/burp-extensions/Argonaut.py:80) at org.python.pycode._pyx1.call_function(XXX/burp-extensions/Argonaut.py) Comment: It looks to me like one of the ArgonautTab instance isEnabled() method is called when there is no proper context (no request and response that controller can return). Rgds. MM

Burp User | Last updated: Aug 20, 2015 12:26PM UTC

Hey Dafydd, Thank you for investigating that matter. I would lean toward that this is just an edge case but it would be nice to document that in some way in extender api. Leaving the decision to extension alone seems to be the best solution and that is exactly what I will implement (simple if). As always, thanks for great support. Rgds. MM

PortSwigger Agent | Last updated: Aug 20, 2015 12:48PM UTC