fix: [stix2 export] Avoiding issues with Note objects referencing Cus…

…tom objects - Added the `allow_custom` flag into the Note args
MISP · Aug 7, 2024 · 0816983 · 0816983
1 parent c9495b1
commit 0816983
Showing 1 changed file with 12 additions and 4 deletions.
diff --git a/misp_stix_converter/misp2stix/misp_to_stix21.py b/misp_stix_converter/misp2stix/misp_to_stix21.py
@@ -132,7 +132,7 @@ def _parse_event_data(self):
                     list(object_refs) if object_refs
                     else self._handle_empty_note_refs()
                 )
-                self._append_SDO(Note(**note_args))
+                self._append_SDO(self._create_note(note_args))
                 self._handle_analyst_data(note_args['id'], event_report)
         else:
             self._id_parsing_function = {
@@ -199,7 +199,7 @@ def _handle_empty_object_refs(self, object_id: str, timestamp: datetime):
             'created_by_ref': self.identity_id, 'object_refs': [object_id],
             'content': 'This MISP Event is empty and contains no attribute, object, galaxy or tag.'
         }
-        self._append_SDO(Note(**note_args))
+        self._append_SDO(self._create_note(note_args))
 
     def _handle_markings(self, object_args: dict, markings: tuple):
         marking_ids = []
@@ -236,7 +236,9 @@ def _handle_note_data(self, note, object_id: str):
         }
         if note.get('language'):
             note_args['lang'] = note['language']
-        getattr(self, self._results_handling_function)(Note(**note_args))
+        getattr(self, self._results_handling_function)(
+            self._create_note(note_args)
+        )
 
     def _handle_object_analyst_data(
             self, misp_object: Union[MISPObject, dict], object_id: str):
@@ -799,7 +801,7 @@ def _parse_annotation_object(
                     values[0] if isinstance(values, list) and len(values) == 1
                     else values
                 )
-        self._append_SDO(Note(**note_args))
+        self._append_SDO(self._create_note(note_args))
         self._handle_object_analyst_data(misp_object, note_id)
 
     def _parse_asn_object_observable(
@@ -1750,6 +1752,12 @@ def _create_malware(malware_args: dict) -> Malware:
             malware_args['is_family'] = False
         return Malware(**malware_args)
 
+    @staticmethod
+    def _create_note(note_args: dict) -> Note:
+        if any(ref.startswith('x-misp-') for ref in note_args['object_refs']):
+            note_args['allow_custom'] = True
+        return Note(**note_args)
+
     def _create_observed_data(self, args: dict, observables: list):
         args['object_refs'] = [observable.id for observable in observables]
         getattr(self, self._results_handling_function)(ObservedData(**args))