mirror of https://github.com/MISP/MISP
Slight update to the filename regex
- accept extensions from 2 to 4 characters in lengthpull/63/head
parent
a72503161b
commit
581fc5e851
|
@ -362,13 +362,13 @@ class AttributesController extends AppController {
|
|||
if ($this->request->data['Attribute']['malware']) {
|
||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||
//preg_replace('@[*|\||<|>|?|"|\\|/|\:]@', '', $filename);
|
||||
if (!preg_match('@^[\w-,\s]+\.[A-Za-z]{4}$@', $filename)) throw new Exception ('Filename not allowed');
|
||||
if (!preg_match('@[\w-,\s]+\.[A-Za-z]{2,4}$@', $filename)) throw new Exception ('Filename not allowed');
|
||||
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||
} else {
|
||||
$this->request->data['Attribute']['type'] = "attachment";
|
||||
//preg_replace('@[*|\||<|>|?|"|\\|/|\:]@', '', $filename);
|
||||
if (!preg_match('@^[\w-,\s]+\.[A-Za-z]{4}$@', $filename)) throw new Exception ('Filename not allowed');
|
||||
if (!preg_match('@[\w-,\s]+\.[A-Za-z]{2,4}$@', $filename)) throw new Exception ('Filename not allowed');
|
||||
$this->request->data['Attribute']['value'] = $filename;
|
||||
$this->request->data['Attribute']['to_ids'] = 0;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue