From 44f32bc443eb06a0abcb64f4bb27fd09a2b8b908 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= <raphael@vinot.info>
Date: Sun, 27 Aug 2017 18:12:42 +0200
Subject: [PATCH] Add support for multiple entries of the same type in an
 object

---
 pymisp/data/misp-objects        |  2 +-
 pymisp/tools/elfobject.py       |  4 ++--
 pymisp/tools/objectgenerator.py | 12 ++++++++++--
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/pymisp/data/misp-objects b/pymisp/data/misp-objects
index fc6d54f..d34dd5f 160000
--- a/pymisp/data/misp-objects
+++ b/pymisp/data/misp-objects
@@ -1 +1 @@
-Subproject commit fc6d54f93b47d9c2ca951d68e568d1715e6eabf0
+Subproject commit d34dd5fb606f1c4d882733d16c16103fe429991c
diff --git a/pymisp/tools/elfobject.py b/pymisp/tools/elfobject.py
index 579d012..c62a336 100644
--- a/pymisp/tools/elfobject.py
+++ b/pymisp/tools/elfobject.py
@@ -78,8 +78,8 @@ class ELFSectionObject(MISPObjectGenerator):
     def generate_attributes(self):
         self._create_attribute('name', value=self.section.name)
         self._create_attribute('type', value=str(self.section.type).split('.')[1])
-        print(self.section.flags)
-        # self._create_attribute('flag', value=str(self.section.flags).split('.')[1])
+        for flag in self.section.flags_list:
+            self._create_attribute('flag', value=str(flag).split('.')[1])
         size = self._create_attribute('size-in-bytes', value=self.section.size)
         if int(size.value) > 0:
             self._create_attribute('entropy', value=self.section.entropy)
diff --git a/pymisp/tools/objectgenerator.py b/pymisp/tools/objectgenerator.py
index d4b5105..46e4143 100644
--- a/pymisp/tools/objectgenerator.py
+++ b/pymisp/tools/objectgenerator.py
@@ -1,6 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
+from collections import Counter
 from pymisp import MISPEvent, MISPAttribute, AbstractMISP
 import os
 import json
@@ -112,9 +113,16 @@ class MISPObjectGenerator(AbstractMISP):
 
     def _validate(self):
         """Make sure the object we're creating has the required fields"""
-        all_attribute_names = set()
+        all_object_relations = []
         for a in self.Attribute:
-            all_attribute_names.add(a.object_relation)
+            all_object_relations.append(a.object_relation)
+        count_relations = dict(Counter(all_object_relations))
+        for key, counter in count_relations.items():
+            if counter == 1:
+                continue
+            if not self.definition['attributes'][key].get('multiple'):
+                raise InvalidMISPObject('Multiple occurrences of {} is not allowed'.format(key))
+        all_attribute_names = set(count_relations.keys())
         if self.definition.get('requiredOneOf'):
             if not set(self.definition['requiredOneOf']) & all_attribute_names:
                 raise InvalidMISPObject('At least one of the following attributes is required: {}'.format(', '.join(self.definition['requiredOneOf'])))