cherry pick hotfix (#7010)

demisto · May 17, 2020 · b087857 · b087857
1 parent 1ec7a4b
commit b087857
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 35 deletions.
diff --git a/Packs/NonSupported/Integrations/integration-VirusTotal.yml b/Packs/NonSupported/Integrations/integration-VirusTotal.yml
@@ -245,8 +245,8 @@ script:
         var o = res.obj;
         var ec = {};
         if (o.response_code === 0) {
-            ec["DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)"] = {Indicator: hash, Type: 'hash', Vendor: 'VirusTotal', Score: 0};
-            ec["DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)"] = {Indicator: hash, Type: 'file', Vendor: 'VirusTotal', Score: 0};
+            ec["DBotScore"] = [{Indicator: hash, Type: 'hash', Vendor: 'VirusTotal', Score: 0},
+                              {Indicator: hash, Type: 'file', Vendor: 'VirusTotal', Score: 0}];
             return {Type: entryTypes.note, Contents: res.body, ContentsFormat: formats.json, EntryContext: ec,
                 HumanReadable: 'VirusTotal does not have details about ' + hash + '\n' + res.obj.verbose_msg};
         }

diff --git a/Packs/NonSupported/Integrations/integration-VirusTotal_CHANGELOG.md b/Packs/NonSupported/Integrations/integration-VirusTotal_CHANGELOG.md
@@ -1,5 +1,6 @@
 ## [Unreleased]
-Fixed an issue where urls with a comma were parsed incorrectly.
+- Fixed an issue where urls with a comma were parsed incorrectly.
+- Fixed an issue where running file related commands would raise an error.
 
 
 ## [20.3.3] - 2020-03-18

diff --git a/Packs/VirusTotal-Private_API/Integrations/VirusTotal-Private_API/CHANGELOG.md b/Packs/VirusTotal-Private_API/Integrations/VirusTotal-Private_API/CHANGELOG.md
@@ -1,4 +1,7 @@
 ## [Unreleased]
+Fixed an issue where running file related commands would raise an error.
+
+## [20.5.0] - 2020-05-12
 -
 
 ## [20.4.1] - 2020-04-29

diff --git a/Packs/VirusTotal-Private_API/Integrations/VirusTotal-Private_API/VirusTotal-Private_API.py b/Packs/VirusTotal-Private_API/Integrations/VirusTotal-Private_API/VirusTotal-Private_API.py
@@ -160,13 +160,11 @@ def create_file_output(file_hash, threshold, vt_response, short_format):
         dbotScore = 2
     else:
         dbotScore = 1
-    ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === '
-       'obj.Type)'].append({'Indicator': file_hash, 'Type': 'hash',
-                            'Vendor': 'VirusTotal - Private API', 'Score': dbotScore})
-
-    ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === '
-       'obj.Type)'].append({'Indicator': file_hash, 'Type': 'file',
-                            'Vendor': 'VirusTotal - Private API', 'Score': dbotScore})
+    if is_demisto_version_ge('5.5.0'):
+        ec['DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type'
+           ' == obj.Type)'] = get_dbot_file_context(file_hash, dbotScore)
+    else:
+        ec['DBotScore'] = get_dbot_file_context(file_hash, dbotScore)
 
     md += 'MD5: **' + vt_response.get('md5') + '**\n'
     md += 'SHA1: **' + vt_response.get('sha1') + '**\n'
@@ -223,6 +221,11 @@ def create_file_output(file_hash, threshold, vt_response, short_format):
     return entry
 
 
+def get_dbot_file_context(file_hash, dbotscore):
+
+    return {'Indicator': file_hash, 'Type': 'file', 'Vendor': 'VirusTotal - Private API', 'Score': dbotscore}
+
+
 ''' COMMANDS FUNCTIONS '''
 
 
@@ -255,27 +258,24 @@ def check_file_behaviour_command():
     # VT response
     response = check_file_behaviour(file_hash)
 
+    ec = {}
     if (response.get('response_code', None) == 0):
+
+        if is_demisto_version_ge('5.5.0'):
+            ec['DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type'
+               ' == obj.Type)'] = get_dbot_file_context(file_hash, 0)
+
+        else:
+            ec['DBotScore'] = get_dbot_file_context(file_hash, 0)
         return {
             'Type': entryTypes['note'],
             'Contents': response,
             'ContentsFormat': formats['json'],
-            'EntryContext': {
-                {
-                    'DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && '
-                    'val.Type == obj.Type)': {'Indicator': file_hash, 'Type': 'hash',
-                                              'Vendor': 'VirusTotal - Private API', 'Score': 0}
-                },
-                {
-                    'DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && '
-                    'val.Type == obj.Type)': {'Indicator': file_hash, 'Type': 'file',
-                                              'Vendor': 'VirusTotal - Private API', 'Score': 0}
-                }
-            },
+            'EntryContext': ec,
 
             'HumanReadable': "A report wasn't found for file " + file_hash + ". Virus Total returned the following "
                                                                              "response: " + json.dumps
-            (response.get('verbose_msg'))
+                             (response.get('verbose_msg'))
         }
 
     # data processing
@@ -1017,17 +1017,12 @@ def hash_communication_command():
             'Contents': response,
             'ContentsFormat': formats['json'],
             'EntryContext': {
-                {'DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && '
-                 'val.Type == obj.Type)': {'Indicator': file_hash, 'Type': 'hash',
-                                           'Vendor': 'VirusTotal - Private API', 'Score': 0}},
-                {'DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor &&'
-                 ' val.Type == obj.Type)': {'Indicator': file_hash, 'Type': 'file',
-                                            'Vendor': 'VirusTotal - Private API', 'Score': 0}}
+                'DBotScore': get_dbot_file_context(file_hash, 0)
             },
 
             'HumanReadable': "A report wasn't found for file " + file_hash + ". Virus Total returned the following"
                                                                              " response: " + json.dumps
-            (response.get('verbose_msg'))
+                             (response.get('verbose_msg'))
         }
 
     # network data contains all the communication data

diff --git a/Packs/opswat-metadefender/Integrations/integration-opswat-metadefender-v2.yml b/Packs/opswat-metadefender/Integrations/integration-opswat-metadefender-v2.yml
@@ -129,6 +129,11 @@ script:
         res = http_req(method='GET', url_suffix=f'file/{scan_id}')
         return res
 
+    def get_dbot_file_context(file_hash, dbotscore):
+
+        return {'Indicator': file_hash, 'Type': 'file', 'Vendor': 'OPSWAT', 'Score': dbotscore}
+
+
     def get_hash_info_command():
         file_hash = demisto.args()['hash']
         res = get_hash_info(file_hash)
@@ -173,8 +178,13 @@ script:
                 dbotScore = 2
             else:
                 dbotScore = 1
-            ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)'] = {'Indicator': file_hash, 'Type': 'hash', 'Vendor': 'OPSWAT', 'Score': dbotScore}
-            ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)'] = {'Indicator': file_hash, 'Type': 'file', 'Vendor': 'OPSWAT', 'Score': dbotScore}
+
+            if is_demisto_version_ge('5.5.0'):
+                ec['DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type' \
+                   ' == obj.Type)'] = get_dbot_file_context(file_hash, dbotScore)
+
+            else:
+                ec['DBotScore'] = get_dbot_file_context(file_hash, dbotScore)
 
         else:
             md += f'No results for hash {file_hash}\n'
@@ -259,8 +269,13 @@ script:
                 else:
                     dbotScore = 1
 
-                ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)'] = {'Indicator': file_info['md5'], 'Type': 'hash', 'Vendor': 'OPSWAT', 'Score': dbotScore}
-                ec['DBotScore(val.Indicator && val.Indicator === obj.Indicator && val.Vendor === obj.Vendor && val.Type === obj.Type)'] = {'Indicator': file_info['md5'], 'Type': 'file', 'Vendor': 'OPSWAT', 'Score': dbotScore}
+                file_md5_hash = file_info['md5']
+                if is_demisto_version_ge('5.5.0'):
+                    ec['DBotScore(val.Indicator && val.Indicator == obj.Indicator && val.Vendor == obj.Vendor && val.Type' \
+                       ' == obj.Type)'] = get_dbot_file_context(file_md5_hash, dbotScore)
+
+                else:
+                    ec['DBotScore'] = get_dbot_file_context(file_md5_hash, dbotScore)
 
         else:
             md += 'No results for this id\n';

diff --git a/...pswat-metadefender/Integrations/integration-opswat-metadefender-v2_CHANGELOG.md b/...pswat-metadefender/Integrations/integration-opswat-metadefender-v2_CHANGELOG.md
@@ -1,2 +1,2 @@
 ## [Unreleased]
--
+Fixed an issue where running file related commands would raise an error.