From ebb4c440729daba00ef82bc3a4273bfcdf2a8ee8 Mon Sep 17 00:00:00 2001
From: DoI <5291556+denandz@users.noreply.github.com>
Date: Fri, 3 Feb 2023 03:01:07 +1300
Subject: [PATCH] Sniper template parsing - fixes #579 (#580)

* Add sniper template error cases to tests

* move injectKeyword to a seperate output slice - Fixes #579
---
 pkg/ffuf/request.go      |  8 +++++---
 pkg/ffuf/request_test.go | 17 +++++++++++++++++
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/pkg/ffuf/request.go b/pkg/ffuf/request.go
index 8cce661..de93cbf 100644
--- a/pkg/ffuf/request.go
+++ b/pkg/ffuf/request.go
@@ -172,10 +172,12 @@ func injectKeyword(input string, keyword string, startOffset int, endOffset int)
 	prefix := inputslice[:startOffset]
 	suffix := inputslice[endOffset+1:]
 
-	inputslice = append(prefix, keywordslice...)
-	inputslice = append(inputslice, suffix...)
+	var outputslice []rune
+	outputslice = append(outputslice, prefix...)
+	outputslice = append(outputslice, keywordslice...)
+	outputslice = append(outputslice, suffix...)
 
-	return string(inputslice)
+	return string(outputslice)
 }
 
 // scrubTemplates removes all template (§) strings from the request struct
diff --git a/pkg/ffuf/request_test.go b/pkg/ffuf/request_test.go
index 7c55f78..414993d 100644
--- a/pkg/ffuf/request_test.go
+++ b/pkg/ffuf/request_test.go
@@ -215,6 +215,23 @@ func TestInjectKeyword(t *testing.T) {
 		t.Errorf("injectKeyword offset validation failed")
 	}
 
+	input = "id=§a§&sort=desc"
+	offsetTuple = templateLocations("§", input)
+	expected = "id=FUZZ&sort=desc"
+
+	result = injectKeyword(input, "FUZZ", offsetTuple[0], offsetTuple[1])
+	if result != expected {
+		t.Errorf("injectKeyword returned unexpected result: " + result)
+	}
+
+	input = "feature=aaa&thingie=bbb&array[§0§]=baz"
+	offsetTuple = templateLocations("§", input)
+	expected = "feature=aaa&thingie=bbb&array[FUZZ]=baz"
+
+	result = injectKeyword(input, "FUZZ", offsetTuple[0], offsetTuple[1])
+	if result != expected {
+		t.Errorf("injectKeyword returned unexpected result: " + result)
+	}
 }
 
 func TestScrubTemplates(t *testing.T) {