fixes

README.md

@@ -629,7 +629,7 @@ And a sample code:
     cfg.TestOverride.Input.DestAddr = &host
     cfg.TestOverride.Input.Port = &port
 
-    res, err := runner.Run(cfg, tests, runner.RunnerConfig{
+    res, err := runner.Run(cfg, tests, &runner.RunnerConfig{
                     ShowTime: false,
                     }, output.NewOutput("quiet", os.Stdout))
     if err != nil {

check/base.go

@@ -116,6 +116,10 @@ func (c *FTWCheck) GetTriggeredRules() []uint {
 	if c.CloudMode() {
 		return nil
 	}
+	// When a test is expecting to trigger an error and it effectively does, markers are not set.
+	if c.log.StartMarker() == nil || c.log.EndMarker() == nil {
+		return nil
+	}
 	return c.log.TriggeredRules()
 }
 

runner/run_test.go

@@ -31,7 +31,6 @@ var logText = `[Tue Jan 05 02:21:09.637165 2021] [:error] [pid 76:tid 1396834345
 [Tue Jan 05 02:21:09.637731 2021] [:error] [pid 76:tid 139683434571520] [client 172.23.0.1:58998] [client 172.23.0.1] ModSecurity: Warning. Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/etc/modsecurity.d/owasp-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1230"] [id "920300"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "localhost"] [uri "/"] [unique_id "X-PNFSe1VwjCgYRI9FsbHgAAAIY"]
 [Tue Jan 05 02:21:09.638572 2021] [:error] [pid 76:tid 139683434571520] [client 172.23.0.1:58998] [client 172.23.0.1] ModSecurity: Warning. Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity.d/owasp-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "localhost"] [uri "/"] [unique_id "X-PNFSe1VwjCgYRI9FsbHgAAAIY"]
 [Tue Jan 05 02:21:09.647668 2021] [:error] [pid 76:tid 139683434571520] [client 172.23.0.1:58998] [client 172.23.0.1] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/etc/modsecurity.d/owasp-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "87"] [id "980130"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 5 - SQLI=0,XSS=0,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): individual paranoia level scores: 3, 2, 0, 0"] [ver "OWASP_CRS/3.3.0"] [tag "event-correlation"] [hostname "localhost"] [uri "/"] [unique_id "X-PNFSe1VwjCgYRI9FsbHgAAAIY"]`
-
 var testConfigMap = map[string]string{
 	"BaseConfig": `---
 testoverride:

waflog/read.go

@@ -142,9 +142,9 @@ func (ll *FTWLogLines) getMarkedLines() [][]byte {
 		log.Fatal().Msg("Both start and end marker must be set before the log can be inspected")
 	}
 
-	if bytes.Equal(ll.startMarker, ll.endMarker) {
-		log.Fatal().Msg("Start and end markers must be different")
-	}
+	// if bytes.Equal(ll.startMarker, ll.endMarker) {
+	// 	log.Fatal().Msg("Start and end markers must be different.")
+	// }
 
 	fi, err := ll.logFile.Stat()
 	if err != nil {