Merge pull request #591 from kak-bo-che/bugfix/correct_mimetype_on_fileobject

Previously file object was reporting the libmagic description of a file
pull/604/head
Raphaël Vinot 2020-06-15 10:02:17 +02:00 committed by GitHub
commit 96aeaf71e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 1 deletions

View File

@ -68,7 +68,7 @@ class FileObject(AbstractMISPObjectGenerator):
self.add_attribute('sha512', value=sha512(self.__data).hexdigest()) self.add_attribute('sha512', value=sha512(self.__data).hexdigest())
self.add_attribute('malware-sample', value=self.__filename, data=self.__pseudofile) self.add_attribute('malware-sample', value=self.__filename, data=self.__pseudofile)
if HAS_MAGIC: if HAS_MAGIC:
self.add_attribute('mimetype', value=magic.from_buffer(self.__data)) self.add_attribute('mimetype', value=magic.from_buffer(self.__data, mime=True))
if HAS_PYDEEP: if HAS_PYDEEP:
self.add_attribute('ssdeep', value=pydeep.hash_buf(self.__data).decode()) self.add_attribute('ssdeep', value=pydeep.hash_buf(self.__data).decode())

16
tests/test_fileobject.py Normal file
View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import unittest
import json
from pymisp.tools import FileObject
import pathlib
class TestFileObject(unittest.TestCase):
def test_mimeType(self):
file_object = FileObject(filepath=pathlib.Path(__file__))
attributes = json.loads(file_object.to_json())['Attribute']
mime = next(attr for attr in attributes if attr['object_relation'] == 'mimetype')
# was "Python script, ASCII text executable"
self.assertEqual(mime['value'], 'text/x-python')