Skip to content
Snippets Groups Projects
Commit a525e51d authored by Tomáš Plesník's avatar Tomáš Plesník
Browse files

bugfix: Use of uninitialized value

parent 1d465184
No related branches found
No related tags found
No related merge requests found
...@@ -207,17 +207,17 @@ sub saveNewEvent ...@@ -207,17 +207,17 @@ sub saveNewEvent
my $received = DateTime->now; # time of event delivery (UTC) my $received = DateTime->now; # time of event delivery (UTC)
# parse object (event) item # parse object (event) item
my $service = $data->{'SERVICE'}; my $service = $data->{'SERVICE'} || ""; # tested
my $detected = $data->{'DETECTED'}; my $detected = $data->{'DETECTED'} || ""; # tested
my $type = $data->{'TYPE'}; my $type = $data->{'TYPE'} || ""; # tested
my $source_type = $data->{'SOURCE_TYPE'}; my $source_type = $data->{'SOURCE_TYPE'} || ""; # tested
my $source = $data->{'SOURCE'}; my $source = $data->{'SOURCE'} || ""; # untested
my $target_proto = $data->{'TARGET_PROTO'}; my $target_proto = $data->{'TARGET_PROTO'} || ""; # untested
my $target_port = $data->{'TARGET_PORT'}; my $target_port = $data->{'TARGET_PORT'} || ""; # tested
my $attack_scale = $data->{'ATTACK_SCALE'}; my $attack_scale = $data->{'ATTACK_SCALE'} || ""; # tested
my $note = $data->{'NOTE'}; my $note = $data->{'NOTE'} || ""; # untested
my $priority = $data->{'PRIORITY'}; my $priority = $data->{'PRIORITY'} || ""; # tested
my $timeout = $data->{'TIMEOUT'}; my $timeout = $data->{'TIMEOUT'} || ""; # tested
# authorize incoming client # authorize incoming client
my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name); my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
...@@ -227,7 +227,20 @@ sub saveNewEvent ...@@ -227,7 +227,20 @@ sub saveNewEvent
"Incoming event: [client_id: '$client{'client_id'}', service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']", "Incoming event: [client_id: '$client{'client_id'}', service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']",
undef); undef);
# check event item: 'detected' # MySQL optimalization - replace empty string to undef
$service = undef if $service eq "";
$detected = undef if $detected eq "";
$type = undef if $type eq "";
$source_type = undef if $source_type eq "";
$source = undef if $source eq "";
$target_proto = undef if $target_proto eq "";
$target_port = undef if $target_port eq "";
$attack_scale = undef if $attack_scale eq "";
$note = undef if $note eq "";
$priority = undef if $priority eq "";
$timeout = undef if $timeout eq "";
# test event item: 'detected'
# http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571 # http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571
if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) { if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
sendMsg("err", sendMsg("err",
...@@ -235,7 +248,7 @@ sub saveNewEvent ...@@ -235,7 +248,7 @@ sub saveNewEvent
"Unknown detected time format: '$detected'"); "Unknown detected time format: '$detected'");
} }
# check event item: 'event_type' and 'source_type' (based on VALIDATION HASH) # test event item: 'event_type', 'source_type' (based on VALIDATION HASH)
if (%WardenCommon::VALID_STRINGS) { if (%WardenCommon::VALID_STRINGS) {
if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) { if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) {
sendMsg("err", sendMsg("err",
...@@ -248,7 +261,7 @@ sub saveNewEvent ...@@ -248,7 +261,7 @@ sub saveNewEvent
} }
} }
# check event items: target_port, attack_scale, priority, timeout # test event items: 'target_port', 'attack_scale', 'priority', 'timeout'
my @change_list; my @change_list;
if (defined $target_port && $target_port !~ /^\d+\z/) { if (defined $target_port && $target_port !~ /^\d+\z/) {
push(@change_list, "target_port: '$target_port'"); push(@change_list, "target_port: '$target_port'");
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment