mirror of https://github.com/MISP/MISP
fix: Fixed potential double hashing of samples with the encrypt flag
parent
36f6c9685d
commit
343e5b881f
|
@ -118,15 +118,12 @@ class ObjectsController extends AppController {
|
|||
if (isset($this->request->data['Object']['data'])) {
|
||||
$this->request->data = json_decode($this->request->data['Object']['data'], true);
|
||||
}
|
||||
if (!isset($this->request->data['Attribute'])) {
|
||||
$this->request->data = array('Attribute' => $this->request->data);
|
||||
}
|
||||
if (!isset($this->request->data['Object'])) {
|
||||
$attributeTemp = $this->request->data['Attribute'];
|
||||
unset($this->request->data['Attribute']);
|
||||
$this->request->data = array('Object' => $this->request->data);
|
||||
$this->request->data['Attribute'] = $attributeTemp;
|
||||
unset($attributeTemp);
|
||||
}
|
||||
if (!isset($this->request->data['Attribute']) && isset($this->request->data['Object']['Attribute'])) {
|
||||
$this->request->data['Attribute'] = $this->request->data['Object']['Attribute'];
|
||||
unset($this->request->data['Object']['Attribute']);
|
||||
}
|
||||
$object = $this->MispObject->attributeCleanup($this->request->data);
|
||||
// we pre-validate the attributes before we create an object at this point
|
||||
|
|
|
@ -2482,6 +2482,10 @@ class Attribute extends AppModel {
|
|||
public function saveAttributes($attributes) {
|
||||
foreach ($attributes as $k => $attribute) {
|
||||
if (!empty($attribute['encrypt']) && $attribute['encrypt']) {
|
||||
if (strpos($attribute['value'], '|') !== false) {
|
||||
$temp = explode('|', $attribute['value']);
|
||||
$attribute['value'] = $temp[0];
|
||||
}
|
||||
$result = $this->handleMaliciousBase64($attribute['event_id'], $attribute['value'], $attribute['data'], array('md5'));
|
||||
$attribute['data'] = $result['data'];
|
||||
$attribute['value'] = $attribute['value'] . '|' . $result['md5'];
|
||||
|
|
Loading…
Reference in New Issue