Skip to content

Commit

Permalink
Log an error if an override rule has no underlying, overridden rule (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
egibs authored Nov 7, 2024
1 parent b6125e7 commit 6268db7
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 6 deletions.
2 changes: 1 addition & 1 deletion pkg/action/scan.go
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ func scanSinglePath(ctx context.Context, c malcontent.Config, path string, ruleF
return &malcontent.FileReport{Path: path, Error: fmt.Sprintf("scan: %v", err)}, nil
}

fr, err := report.Generate(ctx, path, mrs, c, archiveRoot)
fr, err := report.Generate(ctx, path, mrs, c, archiveRoot, logger)
if err != nil {
return nil, err
}
Expand Down
10 changes: 8 additions & 2 deletions pkg/report/report.go
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,7 @@ func mungeDescription(s string) string {
}

//nolint:cyclop // ignore complexity of 44
func Generate(ctx context.Context, path string, mrs yara.MatchRules, c malcontent.Config, expath string) (malcontent.FileReport, error) {
func Generate(ctx context.Context, path string, mrs yara.MatchRules, c malcontent.Config, expath string, logger *clog.Logger) (malcontent.FileReport, error) {
ignoreTags := c.IgnoreTags
minScore := c.MinRisk
ignoreSelf := c.IgnoreSelf
Expand Down Expand Up @@ -451,7 +451,10 @@ func Generate(ctx context.Context, path string, mrs yara.MatchRules, c malconten

// If we find a match in the map for the metadata key, that's the rule to override
// Store this rule (the override) in the fr.Overrides behavior slice
if _, exists := mrsMap[k]; exists && override {
// If an override rule is not overriding a valid rule, log an error
_, exists := mrsMap[k]
switch {
case exists && override:
var overrideSev int
if sev, ok := Levels[v]; ok {
overrideSev = sev
Expand All @@ -460,6 +463,9 @@ func Generate(ctx context.Context, path string, mrs yara.MatchRules, c malconten
b.RiskScore = overrideSev
b.Override = append(b.Override, k)
fr.Overrides = append(fr.Overrides, b)
case !exists && override:
logger.Errorf("Override %s matched with no overridden rule\n", m.Rule)
continue
}

switch k {
Expand Down
Loading

0 comments on commit 6268db7

Please sign in to comment.