[Secureideas-cvs] base-php4/includes base_signature.inc.php, 1.21, 1.22
Brought to you by:
secureideas,
sinukas
From: Juergen L. <jle...@us...> - 2008-07-30 15:12:52
|
Update of /cvsroot/secureideas/base-php4/includes In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv15812/base-php4/includes Modified Files: base_signature.inc.php Log Message: - The array member "emerging" in base_conf.php is now read - The workaround for the barnyard bug with empty $sig_gid should now work with emerging threat, as well. - Cosmetics. Index: base_signature.inc.php =================================================================== RCS file: /cvsroot/secureideas/base-php4/includes/base_signature.inc.php,v retrieving revision 1.21 retrieving revision 1.22 diff -u -d -r1.21 -r1.22 --- base_signature.inc.php 30 Jul 2008 00:15:14 -0000 1.21 +++ base_signature.inc.php 30 Jul 2008 15:12:39 -0000 1.22 @@ -123,6 +123,22 @@ $ref_tag_number = 0; } } + /* The following pattern tries to catch those bogus + ref_tags, as can appear, when barnyard does not + deliver a proper $sig_gid. See below the line + "Hack to fix blank gid from barnyard -- Kevin Johnson" + */ + elseif (preg_match("/^[\t ]*([0-9]+)[\t ]*$/", $ref_tag, $backref)) + { + if ($backref[1] != "") + { + $ref_tag_number = sprintf("%d", $backref[1]); + } + else + { + $ref_tag_number = 0; + } + } else { $ref_tag_number = 0; @@ -133,7 +149,7 @@ /* then we assume it is actually emerging threats rather than snort */ { return "<FONT SIZE=-1>" . - "[<A HREF=\"http://docs.emergingthreats.net/" . $ref_tag_number . "\">" . "emerging threats</a>]"; + "[<A HREF=\"" . $GLOBALS['external_sig_link']["emerging"][0] . $ref_tag_number . "\">" . "emerging threats</a>]"; } else { @@ -195,7 +211,7 @@ $ref = $ref.GetSingleSignatureReference($ref_system, $ref_tag, $style); - /* Automatically add an ICAT reference is a CVE reference exists */ + /* Automatically add an ICAT reference if a CVE reference exists */ if ( $ref_system == "cve" ) $ref = $ref.GetSingleSignatureReference("icat", $ref_tag, $style); @@ -236,16 +252,24 @@ /* snort.org should be documenting all official signatures, * so automatically add a link */ - if ( $sig_sid != "") { + if ( $sig_sid != "") + { if ( $db->baseGetDBversion() >= 107 ) - /* Hack to finx blank gid from barnyard -- Kevin Johnson */ - if ( $sig_gid != "") { + { + /* Hack to fix blank gid from barnyard -- Kevin Johnson */ + if ( $sig_gid != "") + { $ref = $ref.GetSingleSignatureReference("snort", $sig_gid .':'. $sig_sid, $style); - } else { - $ref = $ref.GetSingleSignatureReference("snort", $sig_sid, $style); - } + } + else + { + $ref = $ref.GetSingleSignatureReference("snort", $sig_sid, $style); + } + } else + { $ref = $ref.GetSingleSignatureReference("snort", $sig_sid, $style); + } } } |