update: make make_binary_objects more flexible

fix: use proper exception handlers

pymisp/tools/create_misp_object.py

@@ -45,9 +45,9 @@ def make_macho_objects(lief_parsed, misp_file):
     return misp_file, macho_object, macho_sections
 
 
-def make_binary_objects(filepath):
+def make_binary_objects(filepath=None, pseudofile=None, filename=None):
-    misp_file = FileObject(filepath)
+    misp_file = FileObject(filepath=filepath, pseudofile=pseudofile, filename=filename)
-    if HAS_LIEF:
+    if HAS_LIEF and filepath:
         try:
             lief_parsed = lief.parse(filepath)
             if isinstance(lief_parsed, lief.PE.Binary):
@@ -64,6 +64,8 @@ def make_binary_objects(filepath):
             warnings.warn('\tParser error: ', e)
         except FileTypeNotImplemented as e:  # noqa
             warnings.warn(e)
-    else:
+    if not HAS_LIEF:
         warnings.warn('Please install lief, documentation here: https://github.com/lief-project/LIEF')
+    if not filepath:
+        warnings.warn('LIEF currently requires a filepath and not a pseudo file')
     return misp_file, None, None

pymisp/tools/elfobject.py

@@ -2,6 +2,7 @@
 # -*- coding: utf-8 -*-
 
 from .abstractgenerator import AbstractMISPObjectGenerator
+from ..exceptions import InvalidMISPObject
 from io import BytesIO
 from hashlib import md5, sha1, sha256, sha512
 import warnings
@@ -33,7 +34,7 @@ class ELFObject(AbstractMISPObjectGenerator):
             elif isinstance(pseudofile, bytes):
                 self.__elf = lief.ELF.parse(raw=pseudofile)
             else:
-                raise Exception('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
+                raise InvalidMISPObject('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
         elif filepath:
             self.__elf = lief.ELF.parse(filepath)
         elif parsed:
@@ -41,7 +42,7 @@ class ELFObject(AbstractMISPObjectGenerator):
             if isinstance(parsed, lief.ELF.Binary):
                 self.__elf = parsed
             else:
-                raise Exception('Not a lief.ELF.Binary: {}'.format(type(parsed)))
+                raise InvalidMISPObject('Not a lief.ELF.Binary: {}'.format(type(parsed)))
         super(ELFObject, self).__init__('elf')
         self.generate_attributes()
         # Mark as non_jsonable because we need to add them manually

pymisp/tools/fileobject.py

@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
+from ..exceptions import InvalidMISPObject
 from .abstractgenerator import AbstractMISPObjectGenerator
 import os
 from io import BytesIO
@@ -29,18 +30,22 @@ class FileObject(AbstractMISPObjectGenerator):
             warnings.warn("Please install pydeep: pip install git+https://github.com/kbandla/pydeep.git")
         if not HAS_MAGIC:
             warnings.warn("Please install python-magic: pip install python-magic.")
+        if filename:
+            # Useful in case the file is copied with a pre-defined name by a script but we want to keep the original name
+            self.__filename = filename
+        elif filepath:
+            self.__filename = os.path.basename(filepath)
+        else:
+            raise InvalidMISPObject('A file name is required (either in the path, or as a parameter).')
+
         if filepath:
-            self.filepath = filepath
-            self.filename = os.path.basename(self.filepath)
             with open(filepath, 'rb') as f:
                 self.__pseudofile = BytesIO(f.read())
         elif pseudofile and isinstance(pseudofile, BytesIO):
             # WARNING: lief.parse requires a path
-            self.filepath = None
             self.__pseudofile = pseudofile
-            self.filename = filename
         else:
-            raise Exception('File buffer (BytesIO) or a path is required.')
+            raise InvalidMISPObject('File buffer (BytesIO) or a path is required.')
         # PY3 way:
         # super().__init__('file')
         super(FileObject, self).__init__('file')
@@ -50,7 +55,7 @@ class FileObject(AbstractMISPObjectGenerator):
         self.update_not_jsonable('ObjectReference')
 
     def generate_attributes(self):
-        self.add_attribute('filename', value=self.filename)
+        self.add_attribute('filename', value=self.__filename)
         size = self.add_attribute('size-in-bytes', value=len(self.__data))
         if int(size.value) > 0:
             self.add_attribute('entropy', value=self.__entropy_H(self.__data))
@@ -58,7 +63,7 @@ class FileObject(AbstractMISPObjectGenerator):
             self.add_attribute('sha1', value=sha1(self.__data).hexdigest())
             self.add_attribute('sha256', value=sha256(self.__data).hexdigest())
             self.add_attribute('sha512', value=sha512(self.__data).hexdigest())
-            self.add_attribute('malware-sample', value=self.filename, data=self.__pseudofile)
+            self.add_attribute('malware-sample', value=self.__filename, data=self.__pseudofile)
             if HAS_MAGIC:
                 self.add_attribute('mimetype', value=magic.from_buffer(self.__data))
             if HAS_PYDEEP:

pymisp/tools/machoobject.py

@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
+from ..exceptions import InvalidMISPObject
 from .abstractgenerator import AbstractMISPObjectGenerator
 from io import BytesIO
 from hashlib import md5, sha1, sha256, sha512
@@ -33,7 +34,7 @@ class MachOObject(AbstractMISPObjectGenerator):
             elif isinstance(pseudofile, bytes):
                 self.__macho = lief.MachO.parse(raw=pseudofile)
             else:
-                raise Exception('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
+                raise InvalidMISPObject('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
         elif filepath:
             self.__macho = lief.MachO.parse(filepath)
         elif parsed:
@@ -41,7 +42,7 @@ class MachOObject(AbstractMISPObjectGenerator):
             if isinstance(parsed, lief.MachO.Binary):
                 self.__macho = parsed
             else:
-                raise Exception('Not a lief.MachO.Binary: {}'.format(type(parsed)))
+                raise InvalidMISPObject('Not a lief.MachO.Binary: {}'.format(type(parsed)))
         # Python3 way
         # super().__init__('elf')
         super(MachOObject, self).__init__('macho')

pymisp/tools/peobject.py

@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
+from ..exceptions import InvalidMISPObject
 from .abstractgenerator import AbstractMISPObjectGenerator
 from io import BytesIO
 from hashlib import md5, sha1, sha256, sha512
@@ -34,7 +35,7 @@ class PEObject(AbstractMISPObjectGenerator):
             elif isinstance(pseudofile, bytes):
                 self.__pe = lief.PE.parse(raw=pseudofile)
             else:
-                raise Exception('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
+                raise InvalidMISPObject('Pseudo file can be BytesIO or bytes got {}'.format(type(pseudofile)))
         elif filepath:
             self.__pe = lief.PE.parse(filepath)
         elif parsed:
@@ -42,7 +43,7 @@ class PEObject(AbstractMISPObjectGenerator):
             if isinstance(parsed, lief.PE.Binary):
                 self.__pe = parsed
             else:
-                raise Exception('Not a lief.PE.Binary: {}'.format(type(parsed)))
+                raise InvalidMISPObject('Not a lief.PE.Binary: {}'.format(type(parsed)))
         # Python3 way
         # super().__init__('pe')
         super(PEObject, self).__init__('pe')