[Minor] lua_scanners - improve fail debugging

author Carsten Rosenberg <c.rosenberg@heinlein-support.de>

Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)

committer Carsten Rosenberg <c.rosenberg@heinlein-support.de>

Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)
author Carsten Rosenberg <c.rosenberg@heinlein-support.de>
Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)
committer Carsten Rosenberg <c.rosenberg@heinlein-support.de>
Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)
diff --git a/lualib/lua_scanners/common.lua b/lualib/lua_scanners/common.lua

index 2a748eaa51d4e7283860ca74f1e2b50575d88adf..9bf2adf44463871ef963c563cb4e20d3afcd0723 100644 (file)
--- a/lualib/lua_scanners/common.lua
+++ b/lualib/lua_scanners/common.lua
@@ -65,52 +65,46 @@ local function yield_result(task, rule, vname, dyn_weight, is_fail)
    local all_whitelisted = true
    local patterns
    local symbol
+  local threat_table = {}
+  local threat_info
  
    -- This should be more generic
    if not is_fail then
      patterns = rule.patterns
      symbol = rule.symbol
+    threat_info = rule.detection_category .. 'found'
      if not dyn_weight then dyn_weight = 1.0 end
    elseif is_fail == 'fail' then
      patterns = rule.patterns_fail
      symbol = rule.symbol_fail
+    threat_info = "FAILED with error"
      dyn_weight = 0.0
    end
  
    if type(vname) == 'string' then
-    local symname, symscore = match_patterns(symbol,
-        vname,
-        patterns,
-        dyn_weight)
-    if rule.whitelist and rule.whitelist:get_key(vname) then
-      rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, vname)
-      return
-    end
-    task:insert_result(symname, symscore, vname)
-    rspamd_logger.infox(task, '%s: %s found: "%s - score: %s"',
-        rule.log_prefix, rule.detection_category, vname, symscore)
+    table.insert(threat_table, vname)
    elseif type(vname) == 'table' then
-    for _, vn in ipairs(vname) do
-      local symname, symscore = match_patterns(symbol, vn, patterns, dyn_weight)
-      if rule.whitelist and rule.whitelist:get_key(vn) then
-        rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, vn)
-      else
-        all_whitelisted = false
-        task:insert_result(symname, symscore, vn)
-        rspamd_logger.infox(task, '%s: %s found: "%s - score: %s"',
-            rule.log_prefix, rule.detection_category, vn, symscore)
-      end
-    end
+    threat_table = vname
    end
-  if rule.action and is_fail ~= 'fail' then
-    if type(vname) == 'table' then
-      if all_whitelisted then return end
-      vname = table.concat(vname, '; ')
+
+  for _, tm in ipairs(threat_table) do
+    local symname, symscore = match_patterns(symbol, tm, patterns, dyn_weight)
+    if rule.whitelist and rule.whitelist:get_key(tm) then
+      rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule.log_prefix, tm)
+    else
+      all_whitelisted = false
+      task:insert_result(symname, symscore, tm)
+      rspamd_logger.infox(task, '%s: result - %s: "%s - score: %s"',
+          rule.log_prefix, threat_info, tm, symscore)
      end
+  end
+
+  if rule.action and is_fail ~= 'fail' and not all_whitelisted then
+    threat_table = table.concat(threat_table, '; ')
      task:set_pre_result(rule.action,
          lua_util.template(rule.message or 'Rejected', {
            SCANNER = rule.name,
-          VIRUS = vname,
+          VIRUS = threat_table,
          }), rule.name)
    end
  end
author	Carsten Rosenberg <c.rosenberg@heinlein-support.de>
	Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)
committer	Carsten Rosenberg <c.rosenberg@heinlein-support.de>
	Wed, 27 Mar 2019 19:26:59 +0000 (20:26 +0100)