bugfix: Use of uninitialized value

a525e51d · Tomáš Plesník · 1d465184 · a525e51d
Commit a525e51d authored 10 years ago by Tomáš Plesník
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -207,17 +207,17 @@ sub saveNewEvent
  my $received		= DateTime->now;	# time of event delivery (UTC)

  # parse object (event) item
-  my $service		= $data->{'SERVICE'};
-  my $detected		= $data->{'DETECTED'};
-  my $type		= $data->{'TYPE'};
-  my $source_type	= $data->{'SOURCE_TYPE'};
-  my $source		= $data->{'SOURCE'};
-  my $target_proto	= $data->{'TARGET_PROTO'};
-  my $target_port	= $data->{'TARGET_PORT'};
-  my $attack_scale 	= $data->{'ATTACK_SCALE'};
-  my $note		= $data->{'NOTE'};
-  my $priority		= $data->{'PRIORITY'};
-  my $timeout		= $data->{'TIMEOUT'};
+  my $service		= $data->{'SERVICE'} || "";		# tested
+  my $detected		= $data->{'DETECTED'} || "";		# tested
+  my $type		= $data->{'TYPE'} || "";		# tested
+  my $source_type	= $data->{'SOURCE_TYPE'} || "";		# tested
+  my $source		= $data->{'SOURCE'} || "";		# untested
+  my $target_proto	= $data->{'TARGET_PROTO'} || "";	# untested
+  my $target_port	= $data->{'TARGET_PORT'} || "";		# tested
+  my $attack_scale 	= $data->{'ATTACK_SCALE'} || "";	# tested
+  my $note		= $data->{'NOTE'} || "";		# untested
+  my $priority		= $data->{'PRIORITY'} || "";		# tested
+  my $timeout		= $data->{'TIMEOUT'} || "";		# tested

  # authorize incoming client
  my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
@@ -227,7 +227,20 @@ sub saveNewEvent
            "Incoming event: [client_id: '$client{'client_id'}', service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']",
             undef);

-    # check event item: 'detected'
+    # MySQL optimalization - replace empty string to undef
+    $service		= undef if $service eq "";
+    $detected 		= undef if $detected eq "";
+    $type 		= undef if $type eq "";
+    $source_type	= undef if $source_type eq "";
+    $source		= undef if $source eq "";
+    $target_proto	= undef if $target_proto eq "";
+    $target_port	= undef if $target_port eq "";
+    $attack_scale	= undef if $attack_scale eq "";
+    $note		= undef if $note eq "";
+    $priority		= undef if $priority eq "";
+    $timeout		= undef if $timeout eq "";
+
+    # test event item: 'detected'
    # http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571
    if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
      sendMsg("err",
@@ -235,7 +248,7 @@ sub saveNewEvent
              "Unknown detected time format: '$detected'");
    }

-    # check event item: 'event_type' and 'source_type' (based on VALIDATION HASH)
+    # test event item: 'event_type', 'source_type' (based on VALIDATION HASH)
    if (%WardenCommon::VALID_STRINGS) {
      if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) {
        sendMsg("err",
@@ -248,7 +261,7 @@ sub saveNewEvent
      }
    }

-    # check event items: target_port, attack_scale, priority, timeout
+    # test event items: 'target_port', 'attack_scale', 'priority', 'timeout'
    my @change_list;
    if (defined $target_port && $target_port !~ /^\d+\z/) {
      push(@change_list, "target_port: '$target_port'");