From 975bf4304198f2a0de836a683fb1d37e4edca5c0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 14 Nov 2021 22:12:05 +0100 Subject: [PATCH] chg: [internal] Use ProcessTool in StixExport --- app/Lib/Export/Stix1Export.php | 28 ++++++++++++++++++++-------- app/Lib/Export/Stix2Export.php | 18 +++++++++++++++--- app/Lib/Export/StixExport.php | 17 +++-------------- app/Lib/Tools/ProcessTool.php | 19 ++++++++++++++----- app/Model/Event.php | 2 +- 5 files changed, 53 insertions(+), 31 deletions(-) diff --git a/app/Lib/Export/Stix1Export.php b/app/Lib/Export/Stix1Export.php index f1f523c0f..8262f5fdf 100644 --- a/app/Lib/Export/Stix1Export.php +++ b/app/Lib/Export/Stix1Export.php @@ -9,17 +9,29 @@ class Stix1Export extends StixExport protected function __initiate_framing_params() { - $baseurl = escapeshellarg(Configure::read('MISP.baseurl')); - $org = escapeshellarg(Configure::read('MISP.org')); - return $this->pythonBin() . ' ' . $this->__framing_script . ' stix1 -v ' . $this->__version . ' -n ' . $baseurl . ' -o ' . $org . ' -f ' . $this->__return_format . ' ' . $this->__end_of_cmd; + return [ + ProcessTool::pythonBin(), + $this->__framing_script, + 'stix1', + '-v', $this->__version, + '-n', Configure::read('MISP.baseurl'), + '-o', Configure::read('MISP.org'), + '-f', $this->__return_format, + ]; } protected function __parse_misp_events(array $filenames) { - $org = escapeshellarg(Configure::read('MISP.org')); - $filenames = implode(' ', $filenames); - $scriptFile = $this->__scripts_dir . 'misp2stix.py'; - $command = $this->pythonBin() . ' ' . $scriptFile . ' -v ' . $this->__version . ' -f ' . $this->__return_format . ' -o ' . $org . ' -i ' . $filenames . $this->__end_of_cmd; - return shell_exec($command); + $command = [ + ProcessTool::pythonBin(), + $this->__scripts_dir . 'misp2stix.py', + '-v', $this->__version, + '-f', $this->__return_format, + '-o', Configure::read('MISP.org'), + '-i', + ]; + $command = array_merge($command, $filenames); + + return ProcessTool::execute($command, null, true); } } diff --git a/app/Lib/Export/Stix2Export.php b/app/Lib/Export/Stix2Export.php index 3e611267d..b9514adde 100644 --- a/app/Lib/Export/Stix2Export.php +++ b/app/Lib/Export/Stix2Export.php @@ -9,14 +9,26 @@ class Stix2Export extends StixExport protected function __initiate_framing_params() { - return $this->pythonBin() . ' ' . $this->__framing_script . ' stix2 -v ' . $this->__version . ' --uuid ' . escapeshellarg(CakeText::uuid()) . $this->__end_of_cmd; + return [ + ProcessTool::pythonBin(), + $this->__framing_script, + 'stix2', + '-v', $this->__version, + '--uuid', CakeText::uuid(), + ]; } protected function __parse_misp_events(array $filenames) { $scriptFile = $this->__scripts_dir . 'stix2/misp2stix2.py'; - $filenames = implode(' ', $filenames); - $result = shell_exec($this->pythonBin() . ' ' . $scriptFile . ' -v ' . $this->__version . ' -i ' . $filenames . $this->__end_of_cmd); + $command = [ + ProcessTool::pythonBin(), + $scriptFile, + '-v', $this->__version, + '-i', + ]; + $command = array_merge($command, $filenames); + $result = ProcessTool::execute($command, null, true); $result = preg_split("/\r\n|\n|\r/", trim($result)); return end($result); } diff --git a/app/Lib/Export/StixExport.php b/app/Lib/Export/StixExport.php index 6c178714e..6b64a4c23 100644 --- a/app/Lib/Export/StixExport.php +++ b/app/Lib/Export/StixExport.php @@ -2,6 +2,7 @@ App::uses('JSONConverterTool', 'Tools'); App::uses('TmpFileTool', 'Tools'); App::uses('JsonTool', 'Tools'); +App::uses('ProcessTool', 'Tools'); abstract class StixExport { @@ -12,7 +13,6 @@ abstract class StixExport protected $__return_format = 'json'; protected $__scripts_dir = APP . 'files/scripts/'; protected $__framing_script = APP . 'files/scripts/misp_framing.py'; - protected $__end_of_cmd = ' 2>' . APP . 'tmp/logs/exec-errors.log'; protected $__return_type = null; /** @var array Full paths to files to convert */ @@ -138,24 +138,13 @@ abstract class StixExport private function getFraming() { $framingCmd = $this->__initiate_framing_params(); - $framing = json_decode(shell_exec($framingCmd), true); + $framing = json_decode(ProcessTool::execute($framingCmd, null, true), true); if ($framing === null || isset($framing['error'])) { throw new Exception("Could not get results from framing cmd when exporting STIX file."); } return $framing; } - /** - * @return string - */ - protected function pythonBin() - { - if (!isset($this->Server)) { - $this->Server = ClassRegistry::init('Server'); - } - return $this->Server->getPythonVersion(); - } - /** * @param array $filenames Paths to files to process * @return string|false|null @@ -163,7 +152,7 @@ abstract class StixExport abstract protected function __parse_misp_events(array $filenames); /** - * @return string + * @return array */ abstract protected function __initiate_framing_params(); } diff --git a/app/Lib/Tools/ProcessTool.php b/app/Lib/Tools/ProcessTool.php index 1138faec5..0a0d537dd 100644 --- a/app/Lib/Tools/ProcessTool.php +++ b/app/Lib/Tools/ProcessTool.php @@ -38,13 +38,14 @@ class ProcessTool const LOG_FILE = APP . 'tmp/logs/exec-errors.log'; /** - * @param string|array $command If command is array, it is not necessary to escape arguments + * @param array $command If command is array, it is not necessary to escape arguments * @param string|null $cwd + * @param bool $stderrToFile IF true, log stderrr output to LOG_FILE * @return string Stdout * @throws ProcessException * @throws Exception */ - public static function execute($command, $cwd = null, $stderrToFile = false) + public static function execute(array $command, $cwd = null, $stderrToFile = false) { $descriptorSpec = [ 1 => ["pipe", "w"], // stdout @@ -52,12 +53,12 @@ class ProcessTool ]; if ($stderrToFile) { - self::logMessage('Running command ' . self::commandFormat($command)); + self::logMessage('Running command ' . implode(' ', $command)); $descriptorSpec[2] = ["file", self::LOG_FILE, 'a']; } // PHP older than 7.4 do not support proc_open with array, so we need to convert values to string manually - if (PHP_VERSION_ID < 70400 && is_array($command)) { + if (PHP_VERSION_ID < 70400) { $command = array_map('escapeshellarg', $command); $command = implode(' ', $command); } @@ -94,10 +95,18 @@ class ProcessTool return $stdout; } + /** + * @return string + */ + public static function pythonBin() + { + return Configure::read('MISP.python_bin') ?: 'python3'; + } + private static function logMessage($message) { $logMessage = '[' . date("Y-m-d H:i:s") . ' ' . getmypid() . "] $message\n"; - file_put_contents(self::LOG_FILE, $logMessage, FILE_APPEND); + file_put_contents(self::LOG_FILE, $logMessage, FILE_APPEND | LOCK_EX); } /** diff --git a/app/Model/Event.php b/app/Model/Event.php index ebdf37b94..923a4dc40 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -5899,7 +5899,7 @@ class Event extends AppModel } $shell_command = [ - $this->getPythonVersion(), + ProcessTool::pythonBin(), $scriptFile, $file, Configure::read('MISP.default_event_distribution'),