mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-14 17:06:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

updated justification

Browse Source
This commit is contained in:
Greg DiCristofaro 2021-05-25 15:57:21 -04:00
parent 718738832e
commit 0ec59a3a7e
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java
View File

@ -24,6 +24,7 @@ import java.util.Set;
import java.util.logging.Level;
import org.openide.util.NbBundle;
import org.openide.util.NbBundle.Messages;
import org.python.icu.text.MessageFormat;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
import org.sleuthkit.autopsy.coreutils.Logger;
@ -142,9 +143,13 @@ public class FileExtMismatchIngestModule implements FileIngestModule {
addToTotals(jobId, System.currentTimeMillis() - startTime);
if (mismatchDetected) {
String justification = MessageFormat.format("File has an extension of {0} but mime type is {1}",
abstractFile.getNameExtension(), detector.getMIMEType(abstractFile));
// add artifact
BlackboardArtifact bart = abstractFile.newAnalysisResult(
BlackboardArtifact.Type.TSK_EXT_MISMATCH_DETECTED, LIKELY_NOTABLE_SCORE, null, null, null, Collections.emptyList())
BlackboardArtifact.Type.TSK_EXT_MISMATCH_DETECTED, LIKELY_NOTABLE_SCORE,
null, null, justification, Collections.emptyList())
.getAnalysisResult();
try {