MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

cleanup of comments and todos 

minor memory performance improvement
pull/61/head
Christophe Vandeplas 2012-06-11 11:01:58 +02:00
parent cd5d53b22b
commit 2d335f5dbe
5 changed files with 24 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/Controller/AttributesController.php
View File

@ -74,7 +74,7 @@ class AttributesController extends AppController {
// only own attributes verified by isAuthorized // only own attributes verified by isAuthorized
// Give error if someone tried to submit a attribute with attachment or malware-sample type. // Give error if someone tried to submit a attribute with attachment or malware-sample type.
// FIXME this is bad ... it should rather by a messagebox or should be filtered out on the view level // TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) { if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error'); $this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); $this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
@ -218,14 +218,15 @@ class AttributesController extends AppController {
$this->Attribute->create(); $this->Attribute->create();
if($this->request->data['Attribute']['malware']) { if($this->request->data['Attribute']['malware']) {
$this->request->data['Attribute']['type'] = "malware-sample"; $this->request->data['Attribute']['type'] = "malware-sample";
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files $this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
} }
else { else {
$this->request->data['Attribute']['type'] = "attachment"; $this->request->data['Attribute']['type'] = "attachment";
$this->request->data['Attribute']['value'] = $filename; $this->request->data['Attribute']['value'] = $filename;
$this->request->data['Attribute']['to_ids'] = 0;
} }
$this->request->data['Attribute']['uuid'] = String::uuid(); $this->request->data['Attribute']['uuid'] = String::uuid();
$this->request->data['Attribute']['to_ids'] = 0; // LATER permit user to send this to IDS
$this->request->data['Attribute']['batch_import'] = 0; $this->request->data['Attribute']['batch_import'] = 0;
if ($this->Attribute->save($this->request->data)) { if ($this->Attribute->save($this->request->data)) {
@ -316,7 +317,7 @@ class AttributesController extends AppController {
if('attachment' == $this->Attribute->data['Attribute']['type'] || if('attachment' == $this->Attribute->data['Attribute']['type'] ||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) { 'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
$this->set('attachment', true); $this->set('attachment', true);
// FIXME we should ensure value cannot be changed here and not only on a view level (because of the associated file) // TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error'); // $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
// $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id'])); // $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id']));
} else { } else {

29
app/Controller/EventsController.php
View File

@ -85,13 +85,13 @@ class EventsController extends AppController {
$relatedAttributes = array(); $relatedAttributes = array();
$this->loadModel('Attribute'); $this->loadModel('Attribute');
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid'); $fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid');
foreach ($this->Event->data['Attribute'] as $key => $attribute) { foreach ($this->Event->data['Attribute'] as &$attribute) {
$relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields); $relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields);
// for REST requests also add the encoded attachment // for REST requests also add the encoded attachment
if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) { if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) {
// LATER check if this has a serious performance impact on XML conversion and memory usage // LATER check if this has a serious performance impact on XML conversion and memory usage
$encoded_file = $this->Attribute->base64EncodeAttachment($attribute); $encoded_file = $this->Attribute->base64EncodeAttachment($attribute);
$this->Event->data['Attribute'][$key]['data'] = $encoded_file; $attribute['data'] = $encoded_file;
} }
} }
$this->set('relatedAttributes', $relatedAttributes); $this->set('relatedAttributes', $relatedAttributes);
@ -231,8 +231,8 @@ class EventsController extends AppController {
$fieldList=array('date', 'risk', 'info', 'published', 'private'); $fieldList=array('date', 'risk', 'info', 'published', 'private');
// always force the org, but do not force it for admins // always force the org, but do not force it for admins
if ($this->_isAdmin()) { if ($this->_isAdmin()) {
$this->Event->read(); // FIXME URGENT this should be deleted? delete and test // set the same org as existed before
$fieldList[]='org'; $this->Event->read();
$this->request->data['Event']['org'] = $this->Event->data['Event']['org']; $this->request->data['Event']['org'] = $this->Event->data['Event']['org'];
} }
// we probably also want to remove the published flag // we probably also want to remove the published flag
@ -509,8 +509,6 @@ class EventsController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) { if ($this->request->is('post') || $this->request->is('put')) {
$message = $this->request->data['Event']['message']; $message = $this->request->data['Event']['message'];
if ($this->_sendContactEmail($id, $message)) { if ($this->_sendContactEmail($id, $message)) {
// LATER when a user is deleted this will create problems.
// LATER send the email to all the people who are in the org that created the event
// redirect to the view event page // redirect to the view event page
$this->Session->setFlash(__('Email sent to the reporter.', true)); $this->Session->setFlash(__('Email sent to the reporter.', true));
} else { } else {
@ -528,7 +526,7 @@ class EventsController extends AppController {
/** /**
* *
* Sends out an email to all people within the same group * Sends out an email to all people within the same org
* with the request to be contacted about a specific event. * with the request to be contacted about a specific event.
* @todo move _sendContactEmail($id, $message) to a better place. (components?) * @todo move _sendContactEmail($id, $message) to a better place. (components?)
* *
@ -709,7 +707,7 @@ class EventsController extends AppController {
// check if the key is valid -> search for users based on key // check if the key is valid -> search for users based on key
$this->loadModel('User'); $this->loadModel('User');
// no input sanitization necessary, it's done by model // no input sanitization necessary, it's done by model
// TODO do not fetch recursive // do not fetch recursive
$this->User->recursive=0; $this->User->recursive=0;
$user = $this->User->findByAuthkey($key); $user = $this->User->findByAuthkey($key);
if (empty($user)) { if (empty($user)) {
@ -742,9 +740,9 @@ class EventsController extends AppController {
$sid++; $sid++;
switch ($attribute['type']) { switch ($attribute['type']) {
// LATER test all the snort attributes // LATER nids - test all the snort attributes
// LATER add the tag keyword in the rules to capture network traffic // LATER nids - add the tag keyword in the rules to capture network traffic
// LATER sanitize every $attribute['value'] to not conflict with snort // LATER nids - sanitize every $attribute['value'] to not conflict with snort
case 'ip-dst': case 'ip-dst':
$rules[] = sprintf($rule_format, $rules[] = sprintf($rule_format,
'ip', // proto 'ip', // proto
@ -806,7 +804,7 @@ class EventsController extends AppController {
); );
break; break;
case 'email-subject': case 'email-subject':
// LATER email-subject rule might not match because of line-wrapping // LATER nids - email-subject rule might not match because of line-wrapping
$rules[] = sprintf($rule_format, $rules[] = sprintf($rule_format,
'tcp', // proto 'tcp', // proto
'$EXTERNAL_NET', // src_ip '$EXTERNAL_NET', // src_ip
@ -822,7 +820,7 @@ class EventsController extends AppController {
); );
break; break;
case 'email-attachment': case 'email-attachment':
// LATER email-attachment rule might not match because of line-wrapping // LATER nids - email-attachment rule might not match because of line-wrapping
$rules[] = sprintf($rule_format, $rules[] = sprintf($rule_format,
'tcp', // proto 'tcp', // proto
'$EXTERNAL_NET', // src_ip '$EXTERNAL_NET', // src_ip
@ -884,7 +882,7 @@ class EventsController extends AppController {
break; break;
case 'user-agent': case 'user-agent':
$rules[] = ""; $rules[] = "";
// TODO write snort user-agent rule // TODO nids - write snort user-agent rule
break; break;
case 'snort': case 'snort':
$tmp_rule = $attribute['value']; $tmp_rule = $attribute['value'];
@ -926,7 +924,7 @@ class EventsController extends AppController {
// finally the rule is cleaned up and can be outputed // finally the rule is cleaned up and can be outputed
$rules[] = $tmp_rule; $rules[] = $tmp_rule;
// TODO test using lots of snort rules. // LATER nids - test using lots of snort rules.
default: default:
break; break;
@ -977,7 +975,6 @@ class EventsController extends AppController {
// // check if the key is valid -> search for users based on key // // check if the key is valid -> search for users based on key
// $this->loadModel('User'); // $this->loadModel('User');
// // no input sanitization necessary, it's done by model // // no input sanitization necessary, it's done by model
// // TODO do not fetch recursive
// $this->User->recursive=0; // $this->User->recursive=0;
// $user = $this->User->findByAuthkey($key); // $user = $this->User->findByAuthkey($key);
// if (empty($user)) { // if (empty($user)) {

1
app/Controller/UsersController.php
View File

@ -224,7 +224,6 @@ class UsersController extends AppController {
public function login() { public function login() {
// FIXME implement authentication brute-force protection
if ($this->Auth->login()) { if ($this->Auth->login()) {
$this->redirect($this->Auth->redirect()); $this->redirect($this->Auth->redirect());
} else { } else {

8
app/Model/Attribute.php
View File

@ -33,7 +33,7 @@ class Attribute extends AppModel {
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private') 'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
); );
// these are definition of possible types + their descriptions and maybe LATER other behaviors // these are definition of possible types + their descriptions and maybe later other behaviors
// e.g. if the attribute should be correlated with others or not // e.g. if the attribute should be correlated with others or not
public $type_definitions = array( public $type_definitions = array(
@ -297,8 +297,8 @@ class Attribute extends AppModel {
$filepath = APP."files/".$this->data['Attribute']['event_id']."/".$this->data['Attribute']['id']; $filepath = APP."files/".$this->data['Attribute']['event_id']."/".$this->data['Attribute']['id'];
$file = new File ($filepath); $file = new File ($filepath);
if($file->exists()) { if($file->exists()) {
if (!$file->delete()) { if (!$file->delete()) {
$this->Session->setFlash(__('Delete failed. Please report to administrator', true), 'default', array(), 'error'); // TODO change this message. Throw an internal error throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
} }
} }
} }
@ -517,7 +517,7 @@ class Attribute extends AppModel {
// prepare the conditions // prepare the conditions
$conditions = array( $conditions = array(
'Attribute.event_id !=' => $attribute['event_id'], 'Attribute.event_id !=' => $attribute['event_id'],
// 'Attribute.type' => $attribute['type'], // LATER also filter on type // 'Attribute.type' => $attribute['type'], // do not filter on type
); );
if (empty($attribute['value1'])) // prevent issues with empty fields if (empty($attribute['value1'])) // prevent issues with empty fields
return null; return null;

2
app/Model/Server.php
View File

@ -17,7 +17,7 @@ class Server extends AppModel {
* @var array * @var array
*/ */
public $validate = array( public $validate = array(
'url' => array( // TODO add extra validation to refuse multiple urls from the same org 'url' => array( // TODO add extra validation to refuse multiple time the same url from the same org
'url' => array( 'url' => array(
'rule' => array('url'), 'rule' => array('url'),
'message' => 'Please enter a valid base-url.', 'message' => 'Please enter a valid base-url.',