From ea7379f6d3215e69a53f5066691824e73ead824b Mon Sep 17 00:00:00 2001
From: hahwul <hahwul@gmail.com>
Date: Sun, 26 Nov 2023 09:06:41 +0900
Subject: [PATCH] Add error handling in parameterAnalysis (#503)

---
 pkg/scanning/parameterAnlaysis.go | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/pkg/scanning/parameterAnlaysis.go b/pkg/scanning/parameterAnlaysis.go
index e262898d..094da929 100644
--- a/pkg/scanning/parameterAnlaysis.go
+++ b/pkg/scanning/parameterAnlaysis.go
@@ -177,25 +177,27 @@ func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) ma
 						doc.Find("form").Each(func(i int, s *goquery.Selection) {
 							action, _ := s.Attr("action")
 							if strings.HasPrefix(action, "/") || strings.HasPrefix(action, "?") { // assuming this is a relative URL
-								url, _ := url.Parse(action)
-								query := url.Query()
-								for aParam := range query {
-									p, dp = setP(p, dp, aParam, options)
-									count = count + 1
+								url, err := url.Parse(action)
+								if err == nil {
+									query := url.Query()
+									for aParam := range query {
+										p, dp = setP(p, dp, aParam, options)
+										count = count + 1
+									}
 								}
-
 							}
 						})
 						doc.Find("a").Each(func(i int, s *goquery.Selection) {
 							href, _ := s.Attr("href")
 							if strings.HasPrefix(href, "/") || strings.HasPrefix(href, "?") { // assuming this is a relative URL
-								url, _ := url.Parse(href)
-								query := url.Query()
-								for aParam := range query {
-									p, dp = setP(p, dp, aParam, options)
-									count = count + 1
+								url, err := url.Parse(href)
+								if err == nil {
+									query := url.Query()
+									for aParam := range query {
+										p, dp = setP(p, dp, aParam, options)
+										count = count + 1
+									}
 								}
-
 							}
 						})
 						printing.DalLog("INFO", "Found "+strconv.Itoa(count)+" testing point in DOM base parameter mining", options)