authorFelix Bauer <felix.bauer@atos.net>2019-10-16 11:56:28 +0200
committerFelix Bauer <jack@ai4me.de>2019-10-29 12:37:07 +0100
commit9e5a10a2339e2b210ccb9b78d54abb6713c8e62f (patch)
tree1cc13ed826947f8d323f84b310981e1852085c23
parentbc27dd62ff5fe6952c0282ff3083ae41d10a8cb5 (diff)
Fix returned RuleResult istead of CuckooReport
A RuleResult was returned in case of a CuckooSubmitFailedException, which led to "AttributeError: RuleResult instance has no attribute 'score'" from expressions. Now None is returned and handled in the expression rule, which returns Result.failed.
-rw-r--r--peekaboo/locale/de/LC_MESSAGES/peekaboo.mobin4743 -> 4863 bytes
-rw-r--r--peekaboo/locale/de/LC_MESSAGES/peekaboo.po73
-rw-r--r--peekaboo/locale/peekaboo.pot64
-rw-r--r--peekaboo/ruleset/rules.py11
4 files changed, 80 insertions, 68 deletions
diff --git a/peekaboo/locale/de/LC_MESSAGES/peekaboo.mo b/peekaboo/locale/de/LC_MESSAGES/peekaboo.mo
index c7ba71f..095544f 100644
--- a/peekaboo/locale/de/LC_MESSAGES/peekaboo.mo
+++ b/peekaboo/locale/de/LC_MESSAGES/peekaboo.mo
Binary files differ
diff --git a/peekaboo/locale/de/LC_MESSAGES/peekaboo.po b/peekaboo/locale/de/LC_MESSAGES/peekaboo.po
index f5022ba..61f4dfb 100644
--- a/peekaboo/locale/de/LC_MESSAGES/peekaboo.po
+++ b/peekaboo/locale/de/LC_MESSAGES/peekaboo.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PeekabooAV 1.6.2\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2019-09-09 11:18+0200\n"
+"POT-Creation-Date: 2019-10-16 11:51+0200\n"
"PO-Revision-Date: 2019-02-14 22:02+0000\n"
"Last-Translator: Michael Weiser <michael.weiser@gmx.de>\n"
"Language: de\n"
@@ -104,69 +104,61 @@ msgstr "Nein"
msgid "Rule aborted with error"
msgstr "Regel mit Fehler abgebrochen"
-#: peekaboo/ruleset/rules.py:128 peekaboo/ruleset/rules.py:470
-msgid ""
-"Behavioral analysis by Cuckoo has produced an error and did not finish "
-"successfully"
-msgstr ""
-"Die Verhaltensanalyse durch Cuckoo hat einen Fehler produziert und konnte"
-" nicht erfolgreich abgeschlossen werden"
-
-#: peekaboo/ruleset/rules.py:164
+#: peekaboo/ruleset/rules.py:159
msgid "File is not yet known to the system"
msgstr "Datei ist dem System noch nicht bekannt"
-#: peekaboo/ruleset/rules.py:185
+#: peekaboo/ruleset/rules.py:180
#, python-format
msgid "Failure to determine sample file size: %s"
msgstr "Ermittlung der Dateigröße fehlgeschlagen: %s"
-#: peekaboo/ruleset/rules.py:190
+#: peekaboo/ruleset/rules.py:185
#, python-format
msgid "File has more than %d bytes"
msgstr "Datei hat mehr als %d bytes"
-#: peekaboo/ruleset/rules.py:196
+#: peekaboo/ruleset/rules.py:191
#, python-format
msgid "File is only %d bytes long"
msgstr "Die Datei ist nur %d bytes groß"
-#: peekaboo/ruleset/rules.py:218
+#: peekaboo/ruleset/rules.py:213
msgid "File type is on whitelist"
msgstr "Dateityp ist auf Whitelist"
-#: peekaboo/ruleset/rules.py:222
+#: peekaboo/ruleset/rules.py:217
msgid "File type is not on whitelist"
msgstr "Dateityp ist nicht auf Whitelist"
-#: peekaboo/ruleset/rules.py:244
+#: peekaboo/ruleset/rules.py:239
msgid "File type is on the list of types to analyze"
msgstr "Dateityp ist auf der Liste der zu analysiserenden Typen"
-#: peekaboo/ruleset/rules.py:249
+#: peekaboo/ruleset/rules.py:244
#, python-format
msgid "File type is not on the list of types to analyse (%s)"
msgstr "Dateityp ist nicht auf der Liste der zu analysierenden Typen (%s)"
-#: peekaboo/ruleset/rules.py:265
+#: peekaboo/ruleset/rules.py:261
msgid "File is not an office document"
msgstr "Die Datei ist kein Office Dokument"
-#: peekaboo/ruleset/rules.py:289
+#: peekaboo/ruleset/rules.py:285
msgid "The file contains an Office macro"
msgstr "Die Datei beinhaltet ein Office-Makro"
-#: peekaboo/ruleset/rules.py:293
+#: peekaboo/ruleset/rules.py:289
msgid "The file does not contain a recognizable Office macro"
msgstr "Die Datei beinhaltet kein erkennbares Office-Makro"
-#: peekaboo/ruleset/rules.py:314
+#: peekaboo/ruleset/rules.py:310
msgid "The file contains an Office macro which runs at document open"
msgstr ""
"Die Datei beinhaltet ein Office Makro welches beim Öffnen der Datei "
"ausgeführt wird"
-#: peekaboo/ruleset/rules.py:319
+#: peekaboo/ruleset/rules.py:315
msgid ""
"The file does not contain a recognizable Office macro that is run at "
"document open"
@@ -174,48 +166,60 @@ msgstr ""
"Die Datei beinhaltet kein erkennbares Office Makro welches beim Öffnen "
"ausgeführt wird"
-#: peekaboo/ruleset/rules.py:390
+#: peekaboo/ruleset/rules.py:386
msgid "No signature suggesting malware detected"
msgstr "Keine Signatur erkannt die auf Schadcode hindeutet"
-#: peekaboo/ruleset/rules.py:395
+#: peekaboo/ruleset/rules.py:391
#, python-format
msgid "The following signatures have been recognized: %s"
msgstr "Folgende Signaturen wurden erkannt: %s"
-#: peekaboo/ruleset/rules.py:414
+#: peekaboo/ruleset/rules.py:410
#, python-format
msgid "Cuckoo score >= %s: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:419
+#: peekaboo/ruleset/rules.py:415
#, python-format
msgid "Cuckoo score < %s: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:443
+#: peekaboo/ruleset/rules.py:439
#, python-format
msgid "The file attempts to contact at least one domain on the blacklist (%s)"
msgstr ""
"Die Datei versucht mindestens eine Domain aus der Blacklist zu "
"kontaktieren (%s)"
-#: peekaboo/ruleset/rules.py:449
+#: peekaboo/ruleset/rules.py:445
msgid "File does not seem to attempt contact with domains on the blacklist"
msgstr "Datei scheint keine Domains aus der Blacklist kontaktieren zu wollen"
-#: peekaboo/ruleset/rules.py:486
+#: peekaboo/ruleset/rules.py:466
+msgid ""
+"Behavioral analysis by Cuckoo has produced an error and did not finish "
+"successfully"
+msgstr ""
+"Die Verhaltensanalyse durch Cuckoo hat einen Fehler produziert und konnte"
+" nicht erfolgreich abgeschlossen werden"
+
+#: peekaboo/ruleset/rules.py:482
msgid "Behavioral analysis by Cuckoo completed successfully"
msgstr "Die Verhaltensanalyse durch Cuckoo wurde erfolgreich abgeschlossen"
-#: peekaboo/ruleset/rules.py:539
+#: peekaboo/ruleset/rules.py:532
+msgid "Evaluation of expression couldn't get cuckoo report."
+msgstr "Auswertung des Ausdrucks konnte Cuckoo Report nicht bekommen."
+
+#: peekaboo/ruleset/rules.py:540
msgid "Evaluation of expression uses undefined identifier."
msgstr "Auswertung des Ausdrucks nutzt nicht definierten Bezeichner."
-#: peekaboo/ruleset/rules.py:544
+#: peekaboo/ruleset/rules.py:545
#, python-format
-msgid "The rule (%s) classified the sample as %s"
-msgstr "Die Regel (%s) klassifizierte die Datei als %s"
+msgid "A rule classified the sample as %s"
+msgstr "Eine Regel klassifizierte die Datei als %s"
#: peekaboo/ruleset/rules.py:550
msgid "No rule classified the sample in any way."
@@ -225,3 +229,6 @@ msgstr "Keine Regel klassifizierte die Datei in irgendeiner Weise."
msgid "File does not seem to exhibit recognizable malicious behaviour"
msgstr "Datei scheint keine erkennbaren Schadroutinen zu starten"
+#~ msgid "The rule (%s) classified the sample as %s"
+#~ msgstr "Die Regel (%s) klassifizierte die Datei als %s"
+
diff --git a/peekaboo/locale/peekaboo.pot b/peekaboo/locale/peekaboo.pot
index e1b3f34..1632421 100644
--- a/peekaboo/locale/peekaboo.pot
+++ b/peekaboo/locale/peekaboo.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2019-09-09 11:18+0200\n"
+"POT-Creation-Date: 2019-10-16 11:51+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -103,109 +103,113 @@ msgstr ""
msgid "Rule aborted with error"
msgstr ""
-#: peekaboo/ruleset/rules.py:128 peekaboo/ruleset/rules.py:470
-msgid ""
-"Behavioral analysis by Cuckoo has produced an error and did not finish "
-"successfully"
-msgstr ""
-
-#: peekaboo/ruleset/rules.py:164
+#: peekaboo/ruleset/rules.py:159
msgid "File is not yet known to the system"
msgstr ""
-#: peekaboo/ruleset/rules.py:185
+#: peekaboo/ruleset/rules.py:180
#, python-format
msgid "Failure to determine sample file size: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:190
+#: peekaboo/ruleset/rules.py:185
#, python-format
msgid "File has more than %d bytes"
msgstr ""
-#: peekaboo/ruleset/rules.py:196
+#: peekaboo/ruleset/rules.py:191
#, python-format
msgid "File is only %d bytes long"
msgstr ""
-#: peekaboo/ruleset/rules.py:218
+#: peekaboo/ruleset/rules.py:213
msgid "File type is on whitelist"
msgstr ""
-#: peekaboo/ruleset/rules.py:222
+#: peekaboo/ruleset/rules.py:217
msgid "File type is not on whitelist"
msgstr ""
-#: peekaboo/ruleset/rules.py:244
+#: peekaboo/ruleset/rules.py:239
msgid "File type is on the list of types to analyze"
msgstr ""
-#: peekaboo/ruleset/rules.py:249
+#: peekaboo/ruleset/rules.py:244
#, python-format
msgid "File type is not on the list of types to analyse (%s)"
msgstr ""
-#: peekaboo/ruleset/rules.py:265
+#: peekaboo/ruleset/rules.py:261
msgid "File is not an office document"
msgstr ""
-#: peekaboo/ruleset/rules.py:289
+#: peekaboo/ruleset/rules.py:285
msgid "The file contains an Office macro"
msgstr ""
-#: peekaboo/ruleset/rules.py:293
+#: peekaboo/ruleset/rules.py:289
msgid "The file does not contain a recognizable Office macro"
msgstr ""
-#: peekaboo/ruleset/rules.py:314
+#: peekaboo/ruleset/rules.py:310
msgid "The file contains an Office macro which runs at document open"
msgstr ""
-#: peekaboo/ruleset/rules.py:319
+#: peekaboo/ruleset/rules.py:315
msgid ""
"The file does not contain a recognizable Office macro that is run at "
"document open"
msgstr ""
-#: peekaboo/ruleset/rules.py:390
+#: peekaboo/ruleset/rules.py:386
msgid "No signature suggesting malware detected"
msgstr ""
-#: peekaboo/ruleset/rules.py:395
+#: peekaboo/ruleset/rules.py:391
#, python-format
msgid "The following signatures have been recognized: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:414
+#: peekaboo/ruleset/rules.py:410
#, python-format
msgid "Cuckoo score >= %s: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:419
+#: peekaboo/ruleset/rules.py:415
#, python-format
msgid "Cuckoo score < %s: %s"
msgstr ""
-#: peekaboo/ruleset/rules.py:443
+#: peekaboo/ruleset/rules.py:439
#, python-format
msgid "The file attempts to contact at least one domain on the blacklist (%s)"
msgstr ""
-#: peekaboo/ruleset/rules.py:449
+#: peekaboo/ruleset/rules.py:445
msgid "File does not seem to attempt contact with domains on the blacklist"
msgstr ""
-#: peekaboo/ruleset/rules.py:486
+#: peekaboo/ruleset/rules.py:466
+msgid ""
+"Behavioral analysis by Cuckoo has produced an error and did not finish "
+"successfully"
+msgstr ""
+
+#: peekaboo/ruleset/rules.py:482
msgid "Behavioral analysis by Cuckoo completed successfully"
msgstr ""
-#: peekaboo/ruleset/rules.py:539
+#: peekaboo/ruleset/rules.py:532
+msgid "Evaluation of expression couldn't get cuckoo report."
+msgstr ""
+
+#: peekaboo/ruleset/rules.py:540
msgid "Evaluation of expression uses undefined identifier."
msgstr ""
-#: peekaboo/ruleset/rules.py:544
+#: peekaboo/ruleset/rules.py:545
#, python-format
-msgid "The rule (%s) classified the sample as %s"
+msgid "A rule classified the sample as %s"
msgstr ""
#: peekaboo/ruleset/rules.py:550
diff --git a/peekaboo/ruleset/rules.py b/peekaboo/ruleset/rules.py
index f88c7d9..c041c00 100644
--- a/peekaboo/ruleset/rules.py
+++ b/peekaboo/ruleset/rules.py
@@ -122,11 +122,7 @@ class Rule(object):
# exception message intentionally not present in message
# delivered back to client as to not disclose internal
# information, should request user to contact admin instead
- return self.result(
- Result.failed,
- _("Behavioral analysis by Cuckoo has produced an error "
- "and did not finish successfully"),
- False)
+ return None
logger.info('Sample submitted to Cuckoo. Job ID: %s. '
'Sample: %s', job_id, sample)
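Review bot: The comment directly above `return None` still explains why the exception text is kept out of the message delivered to the client, but this branch no longer builds any message, so the comment now describes code that lives elsewhere. I would replace it with something like `# submission failed: return None so the caller reports Result.failed without exposing exception details` and state the None return in the function's docstring. Every other caller of this function must then check for None before reading attributes such as `score`; only the ExpressionRule caller is visible in this diff, so the remaining ones should be confirmed, because an analysis failure has to end as a failed result and never as a clean verdict. The function begins and ends outside the hunk.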
@@ -530,6 +526,11 @@ class ExpressionRule(Rule):
except IdentifierMissingException as error:
if error.args[0] == "cuckooreport":
context['variables']['cuckooreport'] = self.get_cuckoo_report(sample)
+ if not context['variables']['cuckooreport']:
+ return self.result(
+ Result.failed,
+ _("Evaluation of expression couldn't get cuckoo report."),
+ False)
elif error.args[0] == "olereport":
context['variables']['olereport'] = self.get_oletools_report(sample)
# here elif for other reports
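Review bot: The guard `if not context['variables']['cuckooreport']:` tests truthiness rather than the None that the failure path now returns; `if context['variables']['cuckooreport'] is None:` states the contract exactly and cannot misfire on a report object that happens to evaluate as false (whether the report class defines such behaviour is not visible here). The failed lookup is also written into `context['variables']` before it is checked; assigning it to a local first and storing it only on success would keep None out of the evaluation context. The `olereport` branch below has no equivalent check, so if get_oletools_report can fail in the same way it presumably needs one too. The enclosing method starts and ends outside the hunk.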