From 769e8a5b5c949e80a7cc42aaca066b7a56779c05 Mon Sep 17 00:00:00 2001
From: Teddy Reed <teddy@prosauce.org>
Date: Sun, 28 May 2017 18:16:21 -0700
Subject: [PATCH] table plugin: Convert all values to strings (#36)

---
 osquery/table_plugin.py    | 14 +++++++++++++-
 tests/test_table_plugin.py | 10 ++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/osquery/table_plugin.py b/osquery/table_plugin.py
index 3021580..92d32b9 100644
--- a/osquery/table_plugin.py
+++ b/osquery/table_plugin.py
@@ -13,6 +13,7 @@
 from abc import ABCMeta, abstractmethod
 from collections import namedtuple
 import json
+import logging
 
 from osquery.extensions.ttypes import ExtensionResponse, ExtensionStatus
 from osquery.plugin import BasePlugin
@@ -38,13 +39,24 @@ def call(self, context):
             ctx = {}
             if "context" in context:
                 ctx = json.dumps(context["context"])
+            rows = self.generate(ctx)
+            for i, row in enumerate(rows):
+                for key, value in row.items():
+                    if not isinstance(value, basestring):
+                        try:
+                            rows[i][key] = str(value)
+                        except ValueError as e:
+                            rows[i][key] = ''
+                            logging.error("Cannot convert key %s: %s" % (
+                                i, key, str(e)))
             return ExtensionResponse(
                 status=ExtensionStatus(code=0, message="OK",),
-                response=self.generate(ctx),)
+                response=rows)
         elif context["action"] == "columns":
             return ExtensionResponse(
                 status=ExtensionStatus(code=0, message="OK",),
                 response=self.routes(),)
+        return ExtensionResponse(code=1, message="Unknown action",)
 
     def registry_name(self):
         """The name of the registry type for table plugins.
diff --git a/tests/test_table_plugin.py b/tests/test_table_plugin.py
index 3ddd4ec..15f986a 100644
--- a/tests/test_table_plugin.py
+++ b/tests/test_table_plugin.py
@@ -26,6 +26,7 @@ def columns(self):
         return [
             osquery.TableColumn(name="foo", type=osquery.STRING),
             osquery.TableColumn(name="baz", type=osquery.STRING),
+            osquery.TableColumn(name="int", type=osquery.INTEGER),
         ]
 
     def generate(self, context):
@@ -35,6 +36,7 @@ def generate(self, context):
             row = {}
             row["foo"] = "bar"
             row["baz"] = "baz"
+            row["int"] = 42
             query_data.append(row)
 
         return query_data
@@ -64,6 +66,12 @@ def test_routes_are_correct(self):
                 "type": "TEXT",
                 "name": "baz",
             },
+            {
+                "id": "column",
+                "op": "0",
+                "type": "INTEGER",
+                "name": "int",
+            },
         ]
         osquery.ExtensionManager().add_plugin(MockTablePlugin)
         mtp = MockTablePlugin()
@@ -77,10 +85,12 @@ def test_simple_call(self):
             {
                 "foo": "bar",
                 "baz": "baz",
+                "int": "42",
             },
             {
                 "foo": "bar",
                 "baz": "baz",
+                "int": "42",
             },
         ]
         self.assertEqual(results.response, expected)