MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [internal] Use ProcessTool in StixExport

pull/7959/head
Jakub Onderka 2021-11-14 22:12:05 +01:00
parent 9793205661
commit 975bf43041
5 changed files with 53 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
app/Lib/Export/Stix1Export.php
View File

@ -9,17 +9,29 @@ class Stix1Export extends StixExport
protected function __initiate_framing_params()
{
$baseurl = escapeshellarg(Configure::read('MISP.baseurl'));
$org = escapeshellarg(Configure::read('MISP.org'));
return $this->pythonBin() . ' ' . $this->__framing_script . ' stix1 -v ' . $this->__version . ' -n ' . $baseurl . ' -o ' . $org . ' -f ' . $this->__return_format . ' ' . $this->__end_of_cmd;
return [
ProcessTool::pythonBin(),
$this->__framing_script,
'stix1',
'-v', $this->__version,
'-n', Configure::read('MISP.baseurl'),
'-o', Configure::read('MISP.org'),
'-f', $this->__return_format,
];
}
protected function __parse_misp_events(array $filenames)
{
$org = escapeshellarg(Configure::read('MISP.org'));
$filenames = implode(' ', $filenames);
$scriptFile = $this->__scripts_dir . 'misp2stix.py';
$command = $this->pythonBin() . ' ' . $scriptFile . ' -v ' . $this->__version . ' -f ' . $this->__return_format . ' -o ' . $org . ' -i ' . $filenames . $this->__end_of_cmd;
return shell_exec($command);
$command = [
ProcessTool::pythonBin(),
$this->__scripts_dir . 'misp2stix.py',
'-v', $this->__version,
'-f', $this->__return_format,
'-o', Configure::read('MISP.org'),
'-i',
];
$command = array_merge($command, $filenames);
return ProcessTool::execute($command, null, true);
}
}

18
app/Lib/Export/Stix2Export.php
View File

@ -9,14 +9,26 @@ class Stix2Export extends StixExport
protected function __initiate_framing_params()
{
return $this->pythonBin() . ' ' . $this->__framing_script . ' stix2 -v ' . $this->__version . ' --uuid ' . escapeshellarg(CakeText::uuid()) . $this->__end_of_cmd;
return [
ProcessTool::pythonBin(),
$this->__framing_script,
'stix2',
'-v', $this->__version,
'--uuid', CakeText::uuid(),
];
}
protected function __parse_misp_events(array $filenames)
{
$scriptFile = $this->__scripts_dir . 'stix2/misp2stix2.py';
$filenames = implode(' ', $filenames);
$result = shell_exec($this->pythonBin() . ' ' . $scriptFile . ' -v ' . $this->__version . ' -i ' . $filenames . $this->__end_of_cmd);
$command = [
ProcessTool::pythonBin(),
$scriptFile,
'-v', $this->__version,
'-i',
];
$command = array_merge($command, $filenames);
$result = ProcessTool::execute($command, null, true);
$result = preg_split("/\r\n|\n|\r/", trim($result));
return end($result);
}

17
app/Lib/Export/StixExport.php
View File

@ -2,6 +2,7 @@
App::uses('JSONConverterTool', 'Tools');
App::uses('TmpFileTool', 'Tools');
App::uses('JsonTool', 'Tools');
App::uses('ProcessTool', 'Tools');
abstract class StixExport
{
@ -12,7 +13,6 @@ abstract class StixExport
protected $__return_format = 'json';
protected $__scripts_dir = APP . 'files/scripts/';
protected $__framing_script = APP . 'files/scripts/misp_framing.py';
protected $__end_of_cmd = ' 2>' . APP . 'tmp/logs/exec-errors.log';
protected $__return_type = null;
/** @var array Full paths to files to convert */
@ -138,24 +138,13 @@ abstract class StixExport
private function getFraming()
{
$framingCmd = $this->__initiate_framing_params();
$framing = json_decode(shell_exec($framingCmd), true);
$framing = json_decode(ProcessTool::execute($framingCmd, null, true), true);
if ($framing === null || isset($framing['error'])) {
throw new Exception("Could not get results from framing cmd when exporting STIX file.");
}
return $framing;
}
/**
* @return string
*/
protected function pythonBin()
{
if (!isset($this->Server)) {
$this->Server = ClassRegistry::init('Server');
}
return $this->Server->getPythonVersion();
}
/**
* @param array $filenames Paths to files to process
* @return string|false|null
@ -163,7 +152,7 @@ abstract class StixExport
abstract protected function __parse_misp_events(array $filenames);
/**
* @return string
* @return array
*/
abstract protected function __initiate_framing_params();
}

19
app/Lib/Tools/ProcessTool.php
View File

@ -38,13 +38,14 @@ class ProcessTool
const LOG_FILE = APP . 'tmp/logs/exec-errors.log';
/**
* @param string|array $command If command is array, it is not necessary to escape arguments
* @param array $command If command is array, it is not necessary to escape arguments
* @param string|null $cwd
* @param bool $stderrToFile IF true, log stderrr output to LOG_FILE
* @return string Stdout
* @throws ProcessException
* @throws Exception
*/
public static function execute($command, $cwd = null, $stderrToFile = false)
public static function execute(array $command, $cwd = null, $stderrToFile = false)
{
$descriptorSpec = [
1 => ["pipe", "w"], // stdout
@ -52,12 +53,12 @@ class ProcessTool
];
if ($stderrToFile) {
self::logMessage('Running command ' . self::commandFormat($command));
self::logMessage('Running command ' . implode(' ', $command));
$descriptorSpec[2] = ["file", self::LOG_FILE, 'a'];
}
// PHP older than 7.4 do not support proc_open with array, so we need to convert values to string manually
if (PHP_VERSION_ID < 70400 && is_array($command)) {
if (PHP_VERSION_ID < 70400) {
$command = array_map('escapeshellarg', $command);
$command = implode(' ', $command);
}
@ -94,10 +95,18 @@ class ProcessTool
return $stdout;
}
/**
* @return string
*/
public static function pythonBin()
{
return Configure::read('MISP.python_bin') ?: 'python3';
}
private static function logMessage($message)
{
$logMessage = '[' . date("Y-m-d H:i:s") . ' ' . getmypid() . "] $message\n";
file_put_contents(self::LOG_FILE, $logMessage, FILE_APPEND);
file_put_contents(self::LOG_FILE, $logMessage, FILE_APPEND | LOCK_EX);
}
/**

2
app/Model/Event.php
View File

@ -5899,7 +5899,7 @@ class Event extends AppModel
}
$shell_command = [
$this->getPythonVersion(),
ProcessTool::pythonBin(),
$scriptFile,
$file,
Configure::read('MISP.default_event_distribution'),