Merge pull request #8236 from Security-Onion-Solutions/fix/localfile_analyzer

Strip quotes and ensure file_path is typed as a list (localfile analyzer)
weslambert
2022-07-05 16:28:56 -04:00
committed by GitHub
3 changed files with 13 additions and 7 deletions


@@ -15,8 +15,9 @@ function ci() {
exit 1 exit 1
fi fi
pip install pytest pytest-cov
flake8 "$TARGET_DIR" "--config=${HOME_DIR}/pytest.ini" flake8 "$TARGET_DIR" "--config=${HOME_DIR}/pytest.ini"
pytest "$TARGET_DIR" "--cov-config=${HOME_DIR}/pytest.ini" "--cov=$TARGET_DIR" --doctest-modules --cov-report=term --cov-fail-under=100 python3 -m pytest "--cov-config=${HOME_DIR}/pytest.ini" "--cov=$TARGET_DIR" --doctest-modules --cov-report=term --cov-fail-under=100 "$TARGET_DIR"
} }
function download() { function download() {
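Review bot: The added `pip install pytest pytest-cov` in `ci()` pulls whatever versions are current at run time and uses whichever `pip` is first on PATH, which is not necessarily the interpreter that the new `python3 -m pytest` line runs. For a reproducible CI step, tie the install to that interpreter and pin the versions, e.g. `python3 -m pip install "pytest==<PINNED_VERSION>" "pytest-cov==<PINNED_VERSION>"`, or install from a requirements file with `--require-hashes`. `ci()` starts above this hunk, so an earlier setup step may already cover part of this.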


@@ -17,13 +17,16 @@ class TestLocalfileMethods(unittest.TestCase):
def test_main_success(self): def test_main_success(self):
output = {"foo": "bar"} output = {"foo": "bar"}
conf = {"file_path": ["somefile.csv"]}
with patch('sys.stdout', new=StringIO()) as mock_stdout: with patch('sys.stdout', new=StringIO()) as mock_stdout:
with patch('localfile.localfile.analyze', new=MagicMock(return_value=output)) as mock: with patch('localfile.localfile.analyze', new=MagicMock(return_value=output)) as mock:
with patch('helpers.loadConfig', new=MagicMock(return_value=conf)) as lcmock:
sys.argv = ["cmd", "input"] sys.argv = ["cmd", "input"]
localfile.main() localfile.main()
expected = '{"foo": "bar"}\n' expected = '{"foo": "bar"}\n'
self.assertEqual(mock_stdout.getvalue(), expected) self.assertEqual(mock_stdout.getvalue(), expected)
mock.assert_called_once() mock.assert_called_once()
lcmock.assert_called_once()
def test_checkConfigRequirements_present(self): def test_checkConfigRequirements_present(self):
conf = {"file_path": "['intel.csv']"} conf = {"file_path": "['intel.csv']"}
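Review bot: `mock.assert_called_once()` and the new `lcmock.assert_called_once()` in `test_main_success` only count calls, so the test still passes if `main()` loads the config and never hands it to `analyze`. Since the point of mocking `helpers.loadConfig` is to feed `conf` through, assert on the arguments as well, for example `self.assertIn(conf, mock.call_args.args)` if `analyze` receives the config positionally (its signature is not visible here). Note also that `conf` here carries `file_path` as a real list, while `test_checkConfigRequirements_present` just below uses the string `"['intel.csv']"`. A one-line comment stating which shape `loadConfig` actually returns would make the two tests easier to read together.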


@@ -35,7 +35,9 @@ class TestMalwareHashRegistryMethods(unittest.TestCase):
response = malwarehashregistry.sendReq(hash) response = malwarehashregistry.sendReq(hash)
mock.assert_called_once_with(options, hash, flags) mock.assert_called_once_with(options, hash, flags)
self.assertIsNotNone(response) self.assertIsNotNone(response)
self.assertEqual(response, {"hash": "84af04b8e69682782607a0c5796ca56999eda6b3", "last_seen": "2019-15-07 03:30:33", "av_detection_percentage": 35}) self.assertEqual(response["hash"], "84af04b8e69682782607a0c5796ca56999eda6b3")
self.assertRegex(response["last_seen"], r'2019-..-07 ..:..:33') # host running this test won't always use UTC
self.assertEqual(response["av_detection_percentage"], 35)
def test_sendReqNoData(self): def test_sendReqNoData(self):
output = "84af04b8e69682782607a0c5796ca5696b3 NO_DATA" output = "84af04b8e69682782607a0c5796ca5696b3 NO_DATA"
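Review bot: The new `assertRegex(response["last_seen"], r'2019-..-07 ..:..:33')` is unanchored and uses `.`, so it accepts any characters in the variable fields and any text before or after the match; `r'^2019-\d{2}-07 \d{2}:\d{2}:33$'` keeps the timezone tolerance without that slack. The inline comment suggests `sendReq` renders `last_seen` in the host's local time with no zone marker, which (if so) makes the value ambiguous when results from different hosts are compared. Emitting UTC in the analyzer, or pinning the timezone in the test, would allow the exact-match assertion to be restored. The test method starts above this hunk, so the mocked input is not visible here.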