mirror of https://github.com/MISP/MISP
fix: [freetext] Convert CVE string to uppercase to follow attribute validation
parent
9b1e1cb1ba
commit
66b0d34337
|
@ -376,7 +376,13 @@ class ComplexTypeTool
|
|||
{
|
||||
// CVE numbers
|
||||
if (preg_match("#^cve-[0-9]{4}-[0-9]{4,9}$#i", $input['raw'])) {
|
||||
return array('types' => array('vulnerability'), 'categories' => array('External analysis'), 'to_ids' => false, 'default_type' => 'vulnerability', 'value' => $input['raw']);
|
||||
return [
|
||||
'types' => ['vulnerability'],
|
||||
'categories' => ['External analysis'],
|
||||
'to_ids' => false,
|
||||
'default_type' => 'vulnerability',
|
||||
'value' => strtoupper($input['raw']), // 'CVE' must be uppercase
|
||||
];
|
||||
}
|
||||
// Phone numbers - for automatic recognition, needs to start with + or include dashes
|
||||
if ($input['raw'][0] === '+' || strpos($input['raw'], '-')) {
|
||||
|
|
|
@ -420,6 +420,15 @@ EOT;
|
|||
$this->assertEquals('vulnerability', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextCveLowercase(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('cve-2019-16202');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('CVE-2019-16202', $results[0]['value']);
|
||||
$this->assertEquals('vulnerability', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextAs(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
|
|
Loading…
Reference in New Issue