Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 19:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

FileAnalysis: libmagic tweaks.

Browse source 
Remove verbose file type detection and automatically strip out charset
from mime type.
This commit is contained in:
Jon Siwek 2013-04-11 13:11:46 -05:00
parent 2fba37e277
commit e81f2ae7b0
23 changed files with 27 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/scripts/diff-remove-mime-types
View file

@ -10,7 +10,7 @@ BEGIN { FS="\t"; OFS="\t"; type_col = -1; desc_col = -1 }
{
if ( $i == "mime_type" )
type_col = i-1;
if ( $i == "mime_desc" || $i == "file_type" )
if ( $i == "mime_desc" )
desc_col = i-1;
}
}

10
testing/scripts/file-analysis-test.bro
View file

@ -47,17 +47,11 @@ event file_new(f: fa_file)
print f$bof_buffer[0:10];
}
if ( f?$file_type || f?$mime_type )
print "FILE_TYPE";
# not actually printing the values due to libmagic variances
if ( f?$file_type )
{
print "file type is set";
f$file_type = "set";
}
if ( f?$mime_type )
{
print "FILE_TYPE";
print "mime type is set";
# not actually printing the values due to libmagic variances
f$mime_type = "set";
}
}