Skip to content

Mime type reload #2606

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Mime type reload #2606

wants to merge 5 commits into from

Conversation

regit
Copy link
Contributor

@regit regit commented Jul 19, 2025

Add tests for new mime type computation and match.

Redmine ticket: https://redmine.openinfosecfoundation.org/issues/7816

@regit regit mentioned this pull request Jul 19, 2025
Closed
5 tasks
catenacyber
catenacyber reviewed Jul 22, 2025
View reviewed changes
tests/ftp-mimetype-detection/test.yaml
@@ -0,0 +1,19 @@
requires:
features:
- HAVE_MIMETYPE
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jasonish seeing green CI for this highlights that we need SV coverage ;-)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please elaborate? What would this look like?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You seemed to have more ideas than me.

I was just saying that manual runs should be done for releases to ensure that every SV test/check is run.
You were saying that there were tools to do that ;-)

Copy link
Member

@jasonish jasonish Jul 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No tools that I know of. I think Victor put out a wish directed my way that tools exist, to which I had no comment :)

@catenacyber catenacyber added the requires suricata pr Depends on a PR in Suricata label Jul 22, 2025
@regit regit mentioned this pull request Jul 24, 2025
Closed
5 tasks
This was referenced Aug 5, 2025
Closed
Closed
Closed
@regit regit mentioned this pull request Aug 17, 2025
Open
5 tasks
catenacyber
catenacyber reviewed Aug 27, 2025
View reviewed changes
tests/ftp-mimetype-detection/test.yaml
count: 1
match:
event_type: alert
alert.signature_id: 1338
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: we could check that the alert event has the mimetype

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish left review comments

@catenacyber catenacyber catenacyber left review comments

Assignees
No one assigned
Labels
requires suricata pr Depends on a PR in Suricata
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@regit @jasonish @catenacyber @norg