You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Oct 5, 2019. It is now read-only.
I have got the ValueError: Invalid IPv6 URL when running the analyze filter for a certain file path:
$ cat ../INCIDENT-28-2015_07_27-10_56_02.json | python -m osxcollector.output_filters.analyze -f '/Users/jdoe/Downloads/some_malware_file'
Traceback (most recent call last):
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/Users/jsendor/Documents/osxcollector/osxcollector/output_filters/analyze.py", line 453, in<module>main()
File "/Users/jsendor/Documents/osxcollector/osxcollector/output_filters/analyze.py", line 449, in main
run_filter_main(AnalyzeFilter)
File "osxcollector/output_filters/base_filters/output_filter.py", line 142, in run_filter_main
_run_filter(output_filter)
File "osxcollector/output_filters/base_filters/output_filter.py", line 109, in _run_filter
blob = output_filter.filter_line(blob)
File "osxcollector/output_filters/base_filters/chain.py", line 48, in filter_line
return self._on_filter_line(blob, self._head_of_chain)
File "osxcollector/output_filters/base_filters/chain.py", line 61, in _on_filter_line
return self._on_filter_line(link.filter_line(blob), link._next_link)
File "osxcollector/output_filters/base_filters/chain.py", line 61, in _on_filter_line
return self._on_filter_line(link.filter_line(blob), link._next_link)
File "osxcollector/output_filters/base_filters/chain.py", line 61, in _on_filter_line
return self._on_filter_line(link.filter_line(blob), link._next_link)
File "osxcollector/output_filters/find_domains.py", line 33, in filter_line
self._look_for_domains(blob)
File "osxcollector/output_filters/find_domains.py", line 63, in _look_for_domains
self._look_for_domains(elem, key)
File "osxcollector/output_filters/find_domains.py", line 56, in _look_for_domains
domain = self._url_to_domain(maybe_url)
File "osxcollector/output_filters/find_domains.py", line 79, in _url_to_domain
split_url = urlsplit(url)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urlparse.py", line 213, in urlsplit
raise ValueError("Invalid IPv6 URL")
ValueError: Invalid IPv6 URL
I am quite sure the problem is with some URL in the OSXCollector output file.
It seems that the error is caused by a URL with trailing ] character, as in:
https://example.com]
The text was updated successfully, but these errors were encountered:
This is caused by any string that although looks like it should be a URL (e.g. starts with http or https) it really isn't. In that case the exception should be caught and simply ignored, returning None from the _url_to_domain method.
Migrated from Yelp/osxcollector#97
I have got the
ValueError: Invalid IPv6 URL
when running the analyze filter for a certain file path:I am quite sure the problem is with some URL in the OSXCollector output file.
It seems that the error is caused by a URL with trailing
]
character, as in:The text was updated successfully, but these errors were encountered: