From: Shivani Bhardwaj <shivanib134@gmail.com>
Date: Thu, 10 Feb 2022 13:20:06 +0000 (+0530)
Subject: handle dataset files properly
X-Git-Tag: 1.3.0rc1~28
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b46748309cefd4926968a19bc8946e30583f758;p=thirdparty%2Fsuricata-update.git

handle dataset files properly

- Cover edge cases for invalid dataset rules
- Handle "state" attribute
- Make checks more robust

Ticket 5010
---

diff --git a/suricata/update/main.py b/suricata/update/main.py
index 4a1c569..c558991 100644
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
@@ -424,8 +424,19 @@ def manage_classification(suriconf, files):
 def handle_dataset_files(rule, dep_files):
     if not rule.enabled:
         return
-    load_attr = [el.strip() for el in rule.dataset.split(",") if "load" in el][0]
-    dataset_fname = os.path.basename(load_attr.split(" ")[1])
+    load_attr = [el.strip() for el in rule.dataset.split(",") if el.startswith("load")]
+    state_attr = [el.strip() for el in rule.dataset.split(",") if el.startswith("state")]
+    if not load_attr and not state_attr:
+        return
+    if load_attr and state_attr:
+        logger.error("Invalid dataset rule")
+        return
+    elif load_attr:
+        ds_attr = load_attr[0]
+    elif state_attr:
+        ds_attr = state_attr[0]
+
+    dataset_fname = os.path.basename(ds_attr.split(" ")[1])
     filename = [fname for fname, content in dep_files.items() if fname == dataset_fname]
     if filename:
         logger.debug("Copying dataset file %s to output directory" % dataset_fname)