-
-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy pathscan_test.go
73 lines (57 loc) · 1.74 KB
/
scan_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
package main_test
import (
"strings"
"testing"
log "github.com/sirupsen/logrus"
)
const threatString = `main(): The map file wasn't found, symbols wont be available
main(): Scanning /malware/EICAR...
EngineScanCallback(): Scanning input
EngineScanCallback(): Threat Virus:DOS/EICAR_Test_File identified.
`
const cleanString = `main(): The map file wasn't found, symbols wont be available
main(): Scanning /malware/EICAR...
EngineScanCallback(): Scanning input
`
func parseWindowsDefenderOutput(windefout string) (string, error) {
lines := strings.Split(windefout, "\n")
for _, line := range lines {
if strings.Contains(line, "Scanning input") {
continue
}
if strings.Contains(line, "EngineScanCallback") {
threat := strings.TrimPrefix(strings.TrimSpace(line), "EngineScanCallback():")
if len(threat) > 0 {
threat = strings.TrimSpace(threat)
threat = strings.TrimPrefix(threat, "Threat")
threat = strings.TrimSuffix(threat, "identified.")
return strings.TrimSpace(threat), nil
} else {
log.Errorf("Umm... len(threat)=%d, threat=%v", len(threat), threat)
}
}
}
return "CLEAN", nil
}
// TestParseResult tests the ParseFSecureOutput function.
func TestParseThreat(t *testing.T) {
results, err := parseWindowsDefenderOutput(threatString)
if err != nil {
t.Log(err)
}
if !strings.EqualFold(results, "Virus:DOS/EICAR_Test_File") {
t.Error("Threat incorrectly extracted")
t.Log("results: ", results)
}
}
// TestParseResult tests the ParseFSecureOutput function.
func TestParseClean(t *testing.T) {
results, err := parseWindowsDefenderOutput(cleanString)
if err != nil {
t.Log(err)
}
if !strings.EqualFold(results, "CLEAN") {
t.Error("Threat incorrectly extracted")
t.Log("results: ", results)
}
}