You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After running for an hour or so, the Fuzzer starts to throw these exceptions.
2015-12-14 20:17:29,964 [ZAP-FuzzerThreadPool-3-thread-6] ERROR HttpSender -
java.util.ConcurrentModificationException
at java.util.LinkedHashMap$LinkedHashIterator.nextEntry(LinkedHashMap.java:394)
at java.util.LinkedHashMap$KeyIterator.next(LinkedHashMap.java:405)
at java.util.AbstractCollection.toArray(AbstractCollection.java:141)
at java.util.LinkedList.addAll(LinkedList.java:406)
at java.util.LinkedList.addAll(LinkedList.java:385)
at java.util.LinkedList.(LinkedList.java:117)
at org.zaproxy.zap.session.CookieBasedSessionManagementHelper.getMatchingHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.getMatchingHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.processHttpRequestMessage(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions.onHttpRequestSend(Unknown Source)
at org.parosproxy.paros.network.HttpSender.notifyRequestListeners(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.sendMessage(HttpFuzzerTask.java:84)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:52)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:32)
at org.zaproxy.zap.extension.fuzz.AbstractFuzzerTask.run(AbstractFuzzerTask.java:57)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
2015-12-14 20:17:29,975 [ZAP-FuzzerThreadPool-3-thread-1] ERROR HttpSender - Invalid range
java.lang.IndexOutOfBoundsException: Invalid range
at javax.swing.DefaultRowSorter.checkAgainstModel(DefaultRowSorter.java:921)
at javax.swing.DefaultRowSorter.rowsInserted(DefaultRowSorter.java:861)
at org.jdesktop.swingx.sort.DefaultSortController.rowsInserted(DefaultSortController.java:404)
at javax.swing.JTable.notifySorter(JTable.java:4270)
at javax.swing.JTable.sortedTableChanged(JTable.java:4118)
at javax.swing.JTable.tableChanged(JTable.java:4395)
at org.jdesktop.swingx.JXTable.tableChanged(JXTable.java:1561)
at javax.swing.table.AbstractTableModel.fireTableChanged(AbstractTableModel.java:296)
at javax.swing.table.AbstractTableModel.fireTableRowsInserted(AbstractTableModel.java:231)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsTableModel.addHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.addHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.processHttpResponseMessage(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions.onHttpResponseReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.notifyResponseListeners(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.sendMessage(HttpFuzzerTask.java:84)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:52)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:32)
at org.zaproxy.zap.extension.fuzz.AbstractFuzzerTask.run(AbstractFuzzerTask.java:57)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
The text was updated successfully, but these errors were encountered:
Change method HttpSessionsSite.getMatchingHttpSession(...) to create a
copy of the sessions (in a synchronised block) and pass the copy to a
method of CookieBasedSessionManagementHelper to prevent the exception
ConcurrentModificationException (which happened while iterating/copying
the original sessions collection in the method of the latter class).
Change class HttpSessionsTableModel to do the modifications to sessions
collection and notifications to the GUI in the EDT to prevent leaving
the view in inconsistent state, which would lead to exceptions like
"IndexOutOfBoundsException: Invalid range", when sorting the entries
added to the "Http Sessions" table.
Change method ExtensionHttpSessions.onHttpResponseReceive(...) to not
process the responses of fuzzed messages, which can potentially generate
thousands of "synthetic" sessions in ZAP (like the active scanner,
already excluded).
Fixzaproxy#2142 - Fuzzer throwing exceptions
After running for an hour or so, the Fuzzer starts to throw these exceptions.
2015-12-14 20:17:29,964 [ZAP-FuzzerThreadPool-3-thread-6] ERROR HttpSender -
java.util.ConcurrentModificationException
at java.util.LinkedHashMap$LinkedHashIterator.nextEntry(LinkedHashMap.java:394)
at java.util.LinkedHashMap$KeyIterator.next(LinkedHashMap.java:405)
at java.util.AbstractCollection.toArray(AbstractCollection.java:141)
at java.util.LinkedList.addAll(LinkedList.java:406)
at java.util.LinkedList.addAll(LinkedList.java:385)
at java.util.LinkedList.(LinkedList.java:117)
at org.zaproxy.zap.session.CookieBasedSessionManagementHelper.getMatchingHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.getMatchingHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.processHttpRequestMessage(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions.onHttpRequestSend(Unknown Source)
at org.parosproxy.paros.network.HttpSender.notifyRequestListeners(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.sendMessage(HttpFuzzerTask.java:84)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:52)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:32)
at org.zaproxy.zap.extension.fuzz.AbstractFuzzerTask.run(AbstractFuzzerTask.java:57)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
2015-12-14 20:17:29,975 [ZAP-FuzzerThreadPool-3-thread-1] ERROR HttpSender - Invalid range
java.lang.IndexOutOfBoundsException: Invalid range
at javax.swing.DefaultRowSorter.checkAgainstModel(DefaultRowSorter.java:921)
at javax.swing.DefaultRowSorter.rowsInserted(DefaultRowSorter.java:861)
at org.jdesktop.swingx.sort.DefaultSortController.rowsInserted(DefaultSortController.java:404)
at javax.swing.JTable.notifySorter(JTable.java:4270)
at javax.swing.JTable.sortedTableChanged(JTable.java:4118)
at javax.swing.JTable.tableChanged(JTable.java:4395)
at org.jdesktop.swingx.JXTable.tableChanged(JXTable.java:1561)
at javax.swing.table.AbstractTableModel.fireTableChanged(AbstractTableModel.java:296)
at javax.swing.table.AbstractTableModel.fireTableRowsInserted(AbstractTableModel.java:231)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsTableModel.addHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.addHttpSession(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.HttpSessionsSite.processHttpResponseMessage(Unknown Source)
at org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions.onHttpResponseReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.notifyResponseListeners(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.sendMessage(HttpFuzzerTask.java:84)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:52)
at org.zaproxy.zap.extension.fuzz.httpfuzzer.HttpFuzzerTask.runImpl(HttpFuzzerTask.java:32)
at org.zaproxy.zap.extension.fuzz.AbstractFuzzerTask.run(AbstractFuzzerTask.java:57)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
The text was updated successfully, but these errors were encountered: