(file_path, is_suspicious, fuzzy_rule_match)
| 21 | ) |
| 22 | ) |
| 23 | def test_is_suspicious_file(file_path, is_suspicious, fuzzy_rule_match): |
| 24 | ret = archive.is_suspicious(pth=file_path, location='something') |
| 25 | |
| 26 | if is_suspicious: |
| 27 | assert ret is not None |
| 28 | assert isinstance(ret, Detection) |
| 29 | match = { |
| 30 | "type": "SuspiciousArchiveEntry", |
| 31 | "location": "something", |
| 32 | "extra": { |
| 33 | "entry_path": file_path |
| 34 | } |
| 35 | } |
| 36 | assert fuzzy_rule_match(ret, match) |
| 37 | else: |
| 38 | assert ret is None |
| 39 | |
| 40 | |
| 41 | def test_zip_extractor(fixtures): |
nothing calls this directly
no test coverage detected