[Oisf-users] suricata-update - TypeError: int() argument must be a string, etc....

Davide Setti d.setti at certego.net
Wed Mar 6 17:02:14 UTC 2019


Hi John,

> Could the dropped semicolon before the sid: field have messed that up?

I think that you are right. Actually, the parser in suricata-update uses the
semicolon as the field separator (see
https://github.com/OISF/suricata-update/blob/master/suricata/update/rule.py#L151),
so if it's missing between reference and sid, the latter will be swallowed by
the former. This is also a bad scenario because the swallowed field is
the sid.

Regarding the code, it could be nice to have a try-except block around the
parse function call, which could print out which file and which line
generated the error.

Regards,
Davide
-- 
<http://www.certego.net/>
Davide Setti
R&D and Incident Response Team, Certego
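
The failure mode discussed in this message, together with the suggested try-except that reports file and line, as an added example that is not part of the original message and is not suricata-update's code. It is a simplified semicolon-splitting parser; `parse_options`, `parse_rule`, `parse_lines`, the file name `sample.rules` and the sample rules are all constructed for illustration.

```python
import re

# Simplified model of a semicolon-delimited rule option parser.
# NOT suricata-update's implementation; all names here are hypothetical.
RULE = re.compile(r"^(?P<header>[^(]+)\((?P<options>.*)\)\s*$")

def parse_options(text):
    """Split the option block on ';' and each field on its first ':'."""
    m = RULE.match(text.strip())
    if m is None:
        raise ValueError("line is not a rule")
    options = {}
    for field in m.group("options").split(";"):
        field = field.strip()
        if not field:
            continue
        name, _, value = field.partition(":")
        options.setdefault(name.strip(), []).append(value.strip())
    return options

def parse_rule(text):
    options = parse_options(text)
    # With no ';' before sid there is no "sid" key, so this is int(None),
    # which raises TypeError.
    sid = int(options.get("sid", [None])[0])
    return {"sid": sid, "options": options}

def parse_lines(filename, lines):
    """Parse every line; record (filename, lineno, error) instead of aborting."""
    rules, errors = [], []
    for lineno, line in enumerate(lines, start=1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        try:
            rules.append(parse_rule(line))
        except (TypeError, ValueError) as err:
            errors.append((filename, lineno, f"{type(err).__name__}: {err}"))
    return rules, errors

# Constructed sample rules; the second lacks the ';' between reference and sid.
SAMPLE = [
    'alert tcp any any -> any any (msg:"ok"; reference:url,example.com/a; sid:1000001; rev:1;)',
    'alert tcp any any -> any any (msg:"bad"; reference:url,example.com/b sid:1000002; rev:1;)',
]

if __name__ == "__main__":
    _, errors = parse_lines("sample.rules", SAMPLE)
    for filename, lineno, message in errors:
        print(f"{filename}:{lineno}: {message}")
```
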