Merge remote-tracking branch 'origin/topic/seth/add-file-lookup-functions'

* origin/topic/seth/add-file-lookup-functions: Functions for retrieving files by their id. BIT-1887 #merged
2025-10-09 10:08:20 +00:00 · 2018-01-12 09:45:26 -08:00 · 2018-01-12 09:45:26 -08:00 · 762e3c9f12
commit 762e3c9f12
parent 89ef5a7b7d 7cb6cf24a6
5 changed files with 84 additions and 8 deletions
--- a/testing/btest/Baseline/scripts.base.frameworks.file-analysis.bifs.file_exists_lookup_file/.stdout
+++ b/testing/btest/Baseline/scripts.base.frameworks.file-analysis.bifs.file_exists_lookup_file/.stdout
@ -0,0 +1,9 @@
+error: file ID asdf not a known file
+warning: non-void function returns without a value: Files::lookup_file
+This should fail but not crash
+This should return F
+F
+lookup fid: FakNcS1Jfe01uljb3
+We should have found the file id: FakNcS1Jfe01uljb3
+This should return T
+T
--- a/testing/btest/scripts/base/frameworks/file-analysis/bifs/file_exists_lookup_file.bro
+++ b/testing/btest/scripts/base/frameworks/file-analysis/bifs/file_exists_lookup_file.bro
@ -0,0 +1,21 @@
+# @TEST-EXEC: bro -r $TRACES/http/get.trace %INPUT 2>&1
+# @TEST-EXEC: btest-diff .stdout
+
+event bro_init()
+	{
+	print "This should fail but not crash";
+	print Files::lookup_file("asdf");
+
+	print "This should return F";
+	print Files::file_exists("asdf");
+	}
+
+event file_sniff(f: fa_file, meta: fa_metadata)
+	{
+	print "lookup fid: " + f$id;
+	local looked_up_file = Files::lookup_file(f$id);
+	print "We should have found the file id: " + looked_up_file$id ;
+
+	print "This should return T";
+	print Files::file_exists(f$id);
+	}