mirror of https://github.com/MISP/MISP
bugfix in Attribute validation
Do not search for related attributes for specific types
pull/61/head
parent
d0b52de85e
commit
aea079b8c4
|
@ -92,9 +92,12 @@ class EventsController extends AppController {
|
|||
// This is a lot faster (only additional query) than $this->Event->getRelatedEvents()
|
||||
$relatedEventIds = array();
|
||||
$relatedEvents = array();
|
||||
foreach ($relatedAttributes as $relatedAttribute)
|
||||
foreach ($relatedAttribute as $item)
|
||||
$relatedEventsIds[] = $item['Attribute']['event_id'];
|
||||
foreach ($relatedAttributes as $relatedAttribute) {
|
||||
if (null == $relatedAttribute) continue;
|
||||
foreach ($relatedAttribute as $item) {
|
||||
$relatedEventsIds[] = $item['Attribute']['event_id'];
|
||||
}
|
||||
}
|
||||
if (isset($relatedEventsIds)) {
|
||||
$relatedEventsIds = array_unique($relatedEventsIds);
|
||||
$find_params = array(
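Review bot: The loop added here appends to `$relatedEventsIds`, but the array initialised just above it is spelled `$relatedEventIds`, so the initialised variable is never used and the later `isset($relatedEventsIds)` only works because of the spelling difference. Settle on one name; once the variable is initialised `isset()` is always true, so the guard would need to become `if (!empty($relatedEventsIds)) {`. The new `if (null == $relatedAttribute) continue;` is a loose comparison that also skips an empty array or `false`; `if (empty($relatedAttribute)) continue;` says that directly, ideally with a comment such as `// getRelatedAttributes() returns null for excluded categories and types` (presumably the source of the null; confirm against the caller). The enclosing method starts and ends outside the hunk.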
|
||||
|
|
|
@ -205,6 +205,8 @@ class Attribute extends AppModel {
|
|||
// lowercase these things
|
||||
case 'md5':
|
||||
case 'sha1':
|
||||
case 'domain':
|
||||
case 'hostname':
|
||||
$this->data['Attribute']['value'] = strtolower($this->data['Attribute']['value']);
|
||||
break;
|
||||
}
|
||||
|
@ -265,13 +267,13 @@ class Attribute extends AppModel {
|
|||
break;
|
||||
case 'filename|md5':
|
||||
// no newline
|
||||
if (preg_match("#^.*|[0-9a-f]{32}$#", $value))
|
||||
if (preg_match("#^.+\|[0-9a-f]{32}$#", $value))
|
||||
return true;
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'filename|sha1':
|
||||
// no newline
|
||||
if (preg_match("#^.*|[0-9a-f]{40}$#", $value))
|
||||
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value))
|
||||
return true;
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
|
@ -352,7 +354,7 @@ class Attribute extends AppModel {
|
|||
break;
|
||||
case 'regkey|value':
|
||||
// no newline
|
||||
if (!preg_match("#.*|.*#", $value))
|
||||
if (!preg_match("#.+\|.+#", $value))
|
||||
return true;
|
||||
break;
|
||||
case 'snort':
|
||||
|
@ -375,12 +377,25 @@ class Attribute extends AppModel {
|
|||
}
|
||||
|
||||
function getRelatedAttributes($attribute, $fields=array()) {
|
||||
// LATER there should be a list of types/categories included here as some are not eligible (AV detection category
|
||||
// or "other" type could be excluded)
|
||||
// LATER getRelatedAttributes($attribute) this might become a performance bottleneck
|
||||
$conditions = array('Attribute.value =' => $attribute['value'],
|
||||
'Attribute.id !=' => $attribute['id'],
|
||||
'Attribute.type =' => $attribute['type'], );
|
||||
|
||||
// exclude these specific categories to be linked
|
||||
switch ($attribute['category']) {
|
||||
case 'Antivirus detection':
|
||||
return null;
|
||||
}
|
||||
// exclude these specific types to be linked
|
||||
switch ($attribute['type']) {
|
||||
case 'description':
|
||||
case 'other':
|
||||
return null;
|
||||
}
|
||||
|
||||
// do the search
|
||||
$conditions = array(
|
||||
'Attribute.value =' => $attribute['value'],
|
||||
'Attribute.id !=' => $attribute['id'],
|
||||
'Attribute.type =' => $attribute['type'], );
|
||||
if (empty($fields)) {
|
||||
$fields = array('Attribute.*');
|
||||
}
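Review bot: In the `regkey|value` case the corrected pattern is still wrapped in a negation, `if (!preg_match("#.+\|.+#", $value)) return true;`, so a value with no `key|value` separator now returns true and a well-formed one falls through to `break`, whereas the `filename|md5` and `filename|sha1` cases return true on a match. What follows the `break` is outside the hunk, but the condition looks inverted and is unanchored; I would write `if (preg_match("#^.+\|.+$#D", $value)) return true;`. The two hash patterns have a related gap: without the `D` modifier `$` also matches before a trailing newline, so a value ending in a line feed passes despite the `// no newline` comment, and ending those patterns with `$#D` closes it. This matters because `getRelatedAttributes()` links attributes by exact equality on `Attribute.value`, so a stray newline or missing separator silently prevents correlation.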
|
||||
|
|
|
@ -149,6 +149,9 @@ class Event extends AppModel {
|
|||
}
|
||||
|
||||
function getRelatedEvents() {
|
||||
// FIXME rewrite this to use the getRelatedAttributes function from the Attributes Model.
|
||||
// only this way the code will be consistent
|
||||
|
||||
// first get a list of related event_ids
|
||||
// then do a single query to search for all the events with that id
|
||||
$relatedEventIds = Array();
|
||||
|
|
|
@ -128,11 +128,11 @@
|
|||
echo ' ';
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
</td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['private'] ? 'Private' : '';?></td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['private'] ? 'Private' : ' ';?></td>
|
||||
<?php endif;?>
|
||||
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<td class="actions">
|
||||
|
|