Closed michaelweiser closed 3 years ago
Some more testing with the dummy Cuckoo API shows the expected behaviour and warning message:
2021-06-29 10:04:41,456 - peekaboo.toolbox.cuckoo - (CuckooJobTracker) - WARNING - Report returned from Cuckoo contained invalid data: signature descriptions are expected to be strings
This also revealed missing type checking for the score and the bigger structures of the report - added.
Fallout from not storing the full report any more should now be addressed by adding the origin URL of the report to our dump instead.
@jack28: Merging this will create conflicts in #188 and require a rebase. Good to go anyway?
I'm aware of that. Go ahead
Here are some improvements to the Cuckoo report to showcase what would be involved to implement input validation as suggested in #188. Lightly tested: The testsuite runs. See individual commits for rationale.