Skip to content

Commit

Permalink
Merge pull request #9 from polarityio/develop
Browse files Browse the repository at this point in the history
Fix hash lookups, bump dependencies
  • Loading branch information
sarus authored Feb 2, 2024
2 parents d184eb7 + f48d303 commit 69939b4
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 14 deletions.
38 changes: 30 additions & 8 deletions integration.js
Original file line number Diff line number Diff line change
Expand Up @@ -181,13 +181,32 @@ function doIndicatorLookups(entityType, entityValues, options, cb) {
}
if (Array.isArray(result.body)) {
result.body.forEach((indicatorResult) => {
const entityValue = get(indicatorResult, 'value.name', '').toLowerCase();
const entity = entityLookup.get(entityValue);
let entityValue = get(indicatorResult, 'value.name', '').toLowerCase();
let entity = entityLookup.get(entityValue);
if (!entity) {
//The primary hash entity value returned from Analyst1 might not match with the hash value the user is
// specifically looking for. The entity may have associated values that matches with the value
// being searched. As an example, the user may be searching for a SHA256 hash value, but the Analyst1
// primary value for that SHA256 is a MD5. This logic will ensure those results are still returned.
if (Array.isArray(indicatorResult.hashes)) {
const matchingHash = indicatorResult.hashes.find((hash) => {
return entityLookup.has(hash.value.toLowerCase());
});

if (matchingHash) {
const matchingHashLower = matchingHash.value.toLowerCase();

entityValue = matchingHashLower;
entity = entityLookup.get(matchingHashLower);
}
}

// somehow the returned entity value does not match anything in our entity lookup so
// we just skip it
Logger.error({ indicatorResult }, 'Indicator Result is missing `value.name`');
return;
if (!entity) {
Logger.error({ indicatorResult }, 'Indicator Result is missing `value.name`');
return;
}
}
entityLookup.delete(entityValue);
const details = _getDetails(entity, indicatorResult, options);
Expand Down Expand Up @@ -462,7 +481,10 @@ function addEvidence(indicator, evidence, tlp, options, cb) {
evidenceFileClassification: '',
sourceId: options.evidenceSourceId,
evidenceFile: {
value: Buffer.from(`Evidence for ${indicator}\nSubmitted from Polarity Analyst1 Integration\n\n${evidence}`, 'utf-8'),
value: Buffer.from(
`Evidence for ${indicator}\nSubmitted from Polarity Analyst1 Integration\n\n${evidence}`,
'utf-8'
),
options: {
filename: `polarity-${+new Date()}.txt`,
contentType: 'text/plain'
Expand Down Expand Up @@ -578,11 +600,11 @@ function validateOptions(options, cb) {
});
}

if(options.enableEvidenceSubmission.value === true &&
+options.evidenceSourceId.value <= -1){
if (options.enableEvidenceSubmission.value === true && +options.evidenceSourceId.value <= -1) {
errors.push({
key: 'evidenceSourceId',
message: 'Evidence source id must be set to a number greater than or equal to zero. Delete the option value to specify an unknown source.'
message:
'Evidence source id must be set to a number greater than or equal to zero. Delete the option value to specify an unknown source.'
});
}

Expand Down
8 changes: 4 additions & 4 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions package.json
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "analyst1",
"version": "3.5.4",
"version": "3.5.5",
"main": "./integration.js",
"private": true,
"dependencies": {
"async": "^3.2.4",
"async": "^3.2.5",
"lodash.groupby": "^4.6.0",
"lodash.get": "^4.4.2",
"postman-request": "^2.88.1-postman.33"
Expand Down

0 comments on commit 69939b4

Please sign in to comment.