I’ve noticed that the check_domain method in the MVT tool uses a broad except Exception block, which can lead to false positives when checking for domain indicators. Specifically, if URL parsing fails, the method falls back to a substring match on the URL without providing specific error handling. This can obscure the actual issues occurring during URL processing and may return unintended matches.
```python
try:
    # URL parsing logic
    ...
except Exception:
    # If URL parsing failed, we just try to do a simple substring
    # match.
    for idx, ioc in domain_matcher.iter(url):
        if ioc["value"].lower() in url:  # TODO : fix me
            self.log.warning(
                "Maybe found a known suspicious domain %s "
                'matching indicator "%s" from "%s"',
                url,
                ioc["value"],
                ioc["name"],
            )
            return ioc

    # If nothing matched, we can quit here.
    return None
```
Can anyone improve the exception handling in the check_domain method?
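An added example, not MVT's code and not part of the original issue: it puts the substring fallback quoted above next to a variant that catches only the parser's `ValueError`, logs the failure, and matches indicators on hostname label boundaries. The standalone functions `substring_fallback`, `host_of` and `check_domain`, the `IOCS` list, and the use of `urllib.parse` are all assumptions made for illustration.

```python
import logging
from urllib.parse import urlsplit

log = logging.getLogger("ioc_check")

# Constructed sample indicator for illustration (not a real IOC).
IOCS = [{"value": "bad.example", "name": "constructed-set"}]


def substring_fallback(url, iocs=IOCS):
    """Same test as the fallback quoted in the issue: indicator anywhere in the URL."""
    for ioc in iocs:
        if ioc["value"].lower() in url:
            return ioc
    return None


def host_of(url):
    """Return the lowercased hostname, or None when the URL cannot be parsed."""
    try:
        # Scheme-less input is given a "//" prefix so the host lands in netloc.
        parts = urlsplit(url if "://" in url else "//" + url)
    except ValueError as exc:  # urlsplit reports malformed input as ValueError
        # Logged for analyst review instead of being turned into a "maybe" hit.
        log.warning("URL parsing failed for %r: %s", url, exc)
        return None
    return parts.hostname.lower() if parts.hostname else None


def check_domain(url, iocs=IOCS):
    """Match only when the host equals an indicator or is a subdomain of it."""
    host = host_of(url)
    if host is None:
        return None
    for ioc in iocs:
        value = ioc["value"].lower()
        if host == value or host.endswith("." + value):
            return ioc
    return None
```

Because parse failures are logged rather than matched, the warning log should be reviewed alongside the results so that a malformed URL carrying an indicator is not missed.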