AIL/ail-framework
7
0
Fork 0
mirror of https://github.com/ail-project/ail-framework.git synced 2024-11-27 08:17:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added timeout to avoid blocking regexes

Browse source
This commit is contained in:
Xavier Mertens 2018-11-02 15:49:06 +01:00
parent 9bfb7a5fb6
commit 9e7ca84581
1 changed files with 27 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
bin/Regex.py
View file

@ -18,6 +18,7 @@ Xavier Mertens <xavier@rootshell.be>
import time import time
import os import os
import re import re
import signal
from pubsublogger import publisher from pubsublogger import publisher
#from bin.packages import Paste #from bin.packages import Paste
@ -26,6 +27,14 @@ from pubsublogger import publisher
from packages import Paste from packages import Paste
from Helper import Process from Helper import Process
class TimeoutException(Exception):
pass
def timeout_handler(signum, frame):
raise TimeoutException
signal.signal(signal.SIGALRM, timeout_handler)
# Change the path to your preferred one # Change the path to your preferred one
regexConfig = 'packages/regex.cfg' regexConfig = 'packages/regex.cfg'
@ -48,7 +57,7 @@ def load_regex(force = False):
print('Loading regular expressions') print('Loading regular expressions')
with open(regexConfig) as f: with open(regexConfig) as f:
lines = f.readlines() lines = f.readlines()
lines = [x.strip() for x in lines] lines = [x.strip() for x in lines]
validate_regex = True validate_regex = True
except: except:
print('Cannot read {}'.format(regexConfig)) print('Cannot read {}'.format(regexConfig))
@ -65,7 +74,7 @@ def load_regex(force = False):
continue continue
try: try:
re.compile(l.split('||')[1]) re.compile(l.split('||')[1])
except: except:
print('Ignored line {}: Syntax error in "{}"'.format(line, regexConfig)) print('Ignored line {}: Syntax error in "{}"'.format(line, regexConfig))
continue continue
line += 1 line += 1
@ -84,14 +93,21 @@ def search_regex(paste):
for r in regexes: for r in regexes:
(tag,pattern) = r.split('||') (tag,pattern) = r.split('||')
if re.findall(pattern, content, re.MULTILINE|re.IGNORECASE): signal.alarm(max_execution_time)
publisher.warning('Regex match: {} ({})'.format(pattern, tag)) try:
# Sanitize tag to make it easy to read if re.findall(pattern, content, re.MULTILINE|re.IGNORECASE):
tag = tag.strip().lower().replace(' ','-') publisher.warning('Regex match: {} ({})'.format(pattern, tag))
print('regex {} found'.format(tag)) # Sanitize tag to make it easy to read
msg = 'infoleak:automatic-detection="regex-{}";{}'.format(tag, message) tag = tag.strip().lower().replace(' ','-')
p.populate_set_out(msg, 'Tags') print('regex {} found'.format(tag))
find = True msg = 'infoleak:automatic-detection="regex-{}";{}'.format(tag, message)
p.populate_set_out(msg, 'Tags')
find = True
except TimeoutException:
print ("{0} processing timeout".format(paste.p_path))
continue
else:
signal.alarm(0)
if find: if find:
#Send to duplicate #Send to duplicate
@ -115,6 +131,7 @@ if __name__ == '__main__':
# Setup the I/O queues # Setup the I/O queues
p = Process(config_section) p = Process(config_section)
max_execution_time = p.config.getint(config_section, "max_execution_time")
# Sent to the logging a description of the module # Sent to the logging a description of the module
publisher.info("Run Regex module ") publisher.info("Run Regex module ")