зеркало из https://github.com/mozilla/mig.git
d0e77beaf8
The matchlimit option to the file module was not working correctly due to a couple reasons. First, it relied on the Totalhits value in the module statistics to compare the number of hits to the match limit. This value was compiled in buildResults, so was 0 throughout module execution. Because of this matchlimit would never be exceeded. Also, the comparison to Totalhits was only occuring on directory entry. This means if the match limit was hit while scanning a single directory, it would continue to scan files exceeding the match limit. This modifies the way results are processed by Search types, so individual checks submit matched files via a channel to the parent Search entry. The Search entry can then maintain a list of matches, and increment Totalhits as required while the processing is occuring instead of in buildResults. Closes #382 |
||
|---|---|---|
| .. | ||
| agentdestroy | ||
| example | ||
| examplepersist | ||
| file | ||
| fswatch | ||
| memory | ||
| netstat | ||
| ping | ||
| pkg | ||
| scribe | ||
| timedrift | ||
| yara | ||
| modules.go | ||
| modules_test.go | ||
| registration.go | ||