Bug: Validation of datatypes is too strict
Background
In the current implementation, it requires all types in the rule parameter `datatypes` to be defined in `conf/types.json`.
For example, the following rule will return false even though the normalized type `command` is defined. This is because the `fetch_values_by_datatype` helper will return an empty list due to the code that validates datatypes here.
"""This is sample rule to alert on any suspicious use of wget"""
import fnmatch
from helpers.base import fetch_values_by_datatype
@rule(datatypes=['command', 'not_exist_normalized_type'])
def alert_suspecious_wget(rec):
results = fetch_values_by_datatype(rec, 'command')
for result in results:
if fnmatch(result, "wget *"):
return true
return false
Desired Change
Return value of normalized types if defined, and ignore normalized types which are not defined in `conf/types.json`.
Issue Analytics
- State:
- Created 6 years ago
- Comments:6 (3 by maintainers)
Top GitHub Comments
Yes, I have the fix already, will send PR soon.
After a use-case Javier raised, and giving it more thought, `datatypes` should be an `OR` vs. `AND` operation. @chunyong-lin - can you make the appropriate changes?
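
The silent detection miss described in the issue, next to the OR behaviour requested in the comments, as an added example that is not the project's code. It assumes a flat record and a `TYPES` dict standing in for `conf/types.json`; `fetch_strict`, `fetch_lenient`, `wget_rule` and `undefined_datatypes` are hypothetical names.

```python
"""Simplified model of the datatype check discussed in this issue (not project code)."""
from fnmatch import fnmatch

# Constructed stand-in for conf/types.json: normalized type -> record keys (assumed layout).
TYPES = {"command": ["cmd", "commandline"], "sourceAddress": ["src_ip"]}


def fetch_strict(rec, rule_datatypes, datatype, types=TYPES):
    """AND semantics: one undefined datatype on the rule empties every lookup."""
    if not all(dt in types for dt in rule_datatypes):
        return []
    return [rec[key] for key in types[datatype] if key in rec]


def fetch_lenient(rec, rule_datatypes, datatype, types=TYPES):
    """OR semantics: undefined datatypes are ignored, defined ones still resolve."""
    defined = [dt for dt in rule_datatypes if dt in types]
    if datatype not in defined:
        return []
    return [rec[key] for key in types[datatype] if key in rec]


def wget_rule(rec, fetch):
    """The rule body from the issue, parameterized on the fetch helper."""
    datatypes = ["command", "not_exist_normalized_type"]
    return any(fnmatch(v, "wget *") for v in fetch(rec, datatypes, "command"))


def undefined_datatypes(rule_datatypes, types=TYPES):
    """Load-time check: report unknown names so a typo does not go unnoticed."""
    return sorted(set(rule_datatypes) - set(types))


# Constructed sample record.
RECORD = {"cmd": "wget http://example.test/a.sh", "src_ip": "10.0.0.5"}

if __name__ == "__main__":
    print("strict :", wget_rule(RECORD, fetch_strict))
    print("lenient:", wget_rule(RECORD, fetch_lenient))
    print("unknown:", undefined_datatypes(["command", "not_exist_normalized_type"]))
```

With lenient matching a misspelled datatype no longer disables the rule, so reporting the output of `undefined_datatypes` when rules are loaded keeps such typos visible.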