MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [internal] Use tmp folder for stix upload

pull/7832/head
Jakub Onderka 2021-10-13 13:18:49 +02:00
parent d1acf3ea1d
commit d19c76388d
4 changed files with 23 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/Controller/EventsController.php
View File

@ -2189,14 +2189,11 @@ class EventsController extends AppController
public function upload_stix($stix_version = '1')
{
if ($this->request->is('post')) {
$scriptDir = APP . 'files' . DS . 'scripts';
if ($this->_isRest()) {
$randomFileName = $this->Event->generateRandomFileName();
FileAccessTool::writeToFile($scriptDir . DS . 'tmp' . DS . $randomFileName, $this->request->input());
$filePath = FileAccessTool::writeToTempFile($this->request->input());
$result = $this->Event->upload_stix(
$this->Auth->user(),
$scriptDir,
$randomFileName,
$filePath,
$stix_version,
'uploaded_stix_file.' . ($stix_version == '1' ? 'xml' : 'json'),
false
@ -2214,14 +2211,13 @@ class EventsController extends AppController
} else {
$original_file = !empty($this->data['Event']['original_file']) ? $this->data['Event']['stix']['name'] : '';
if (isset($this->data['Event']['stix']) && $this->data['Event']['stix']['size'] > 0 && is_uploaded_file($this->data['Event']['stix']['tmp_name'])) {
$randomFileName = $this->Event->generateRandomFileName();
if (!move_uploaded_file($this->data['Event']['stix']['tmp_name'], $scriptDir . DS . 'tmp' . DS . $randomFileName)) {
$filePath = FileAccessTool::createTempFile();
if (!move_uploaded_file($this->data['Event']['stix']['tmp_name'], $filePath)) {
throw new Exception("Could not move uploaded STIX file.");
}
$result = $this->Event->upload_stix(
$this->Auth->user(),
$scriptDir,
$randomFileName,
$filePath,
$stix_version,
$original_file,
$this->data['Event']['publish']

32
app/Model/Event.php
View File

@ -5858,29 +5858,29 @@ class Event extends AppModel
/**
* @param array $user
* @param string $scriptDir
* @param string $filename
* @param string $file Path
* @param string $stix_version
* @param string $original_file
* @param bool $publish
* @return int|string|array
* @throws JsonException
* @throws InvalidArgumentException
*/
public function upload_stix(array $user, $scriptDir, $filename, $stix_version, $original_file, $publish)
public function upload_stix(array $user, $file, $stix_version, $original_file, $publish)
{
$tempFilePath = $scriptDir . DS . 'tmp' . DS . $filename;
$scriptDir = APP . 'files' . DS . 'scripts';
if ($stix_version == '2') {
$scriptFile = $scriptDir . DS . 'stix2' . DS . 'stix2misp.py';
$shell_command = $this->getPythonVersion() . ' ' . $scriptFile . ' ' . $tempFilePath;
$output_path = $tempFilePath . '.stix2';
$shell_command = $this->getPythonVersion() . ' ' . $scriptFile . ' ' . $file;
$output_path = $file . '.stix2';
$stix_version = "STIX 2.0";
} elseif ($stix_version == '1' || $stix_version == '1.1' || $stix_version == '1.2') {
$scriptFile = $scriptDir . DS . 'stix2misp.py';
$shell_command = $this->getPythonVersion() . ' ' . $scriptFile . ' ' . $filename;
$output_path = $tempFilePath . '.json';
$shell_command = $this->getPythonVersion() . ' ' . $scriptFile . ' ' . $file;
$output_path = $file . '.json';
$stix_version = "STIX 1.1";
} else {
throw new MethodNotAllowedException('Invalid STIX version');
throw new InvalidArgumentException('Invalid STIX version');
}
$shell_command .= ' ' . escapeshellarg(Configure::read('MISP.default_event_distribution')) . ' ' . escapeshellarg(Configure::read('MISP.default_attribute_distribution'));
$synonymsToTagNames = $this->__getTagNamesFromSynonyms($scriptDir);
@ -5889,8 +5889,8 @@ class Event extends AppModel
$result = shell_exec($shell_command);
$result = preg_split("/\r\n|\n|\r/", trim($result));
$result = trim(end($result));
$tempFile = file_get_contents($tempFilePath);
unlink($tempFilePath);
$tempFile = file_get_contents($file);
unlink($file);
if ($result === '1') {
$data = FileAccessTool::readAndDelete($output_path);
$data = $this->jsonDecode($data);
@ -5915,16 +5915,16 @@ class Event extends AppModel
}
return $validationIssues;
} else if ($result === '2') {
$response = __('Issues while loading the stix file. ');
$response = __('Issues while loading the stix file.');
} elseif ($result === '3') {
$response = __('Issues with the maec library. ');
$response = __('Issues with the maec library.');
} else {
$response = __('Issues executing the ingestion script or invalid input. ');
$response = __('Issues executing the ingestion script or invalid input.');
}
if (!$user['Role']['perm_site_admin']) {
$response .= __('Please ask your administrator to ');
$response .= ' ' . __('Please ask your administrator to');
} else {
$response .= __('Please ');
$response .= ' ' . __('Please');
}
$response .= ' ' . __('check whether the dependencies for STIX are met via the diagnostic tool.');
return $response;

2
app/files/scripts/stix2/stix2misp.py
View File

@ -2061,7 +2061,7 @@ def from_misp(stix_objects):
def main(args):
filename = Path(os.path.dirname(args[0]), args[1])
filename = args[1] if args[1][0] == '/' else Path(os.path.dirname(args[0]), args[1])
with open(filename, 'rt', encoding='utf-8') as f:
event = stix2.parse(f.read(), allow_custom=True, interoperability=True)
stix_parser = StixFromMISPParser() if from_misp(event.objects) else ExternalStixParser()

2
app/files/scripts/stix2misp.py
View File

@ -1540,7 +1540,7 @@ def is_from_misp(event):
def main(args):
filename = '{}/tmp/{}'.format(os.path.dirname(args[0]), args[1])
filename = args[1] if args[1][0] == '/' else '{}/tmp/{}'.format(os.path.dirname(args[0]), args[1])
event = generate_event(filename)
from_misp = is_from_misp(event)
stix_parser = StixFromMISPParser() if from_misp else ExternalStixParser()