Patterns with special characters causing issues with the STIX2 library

[nirmalneupane]

The stix2 library throws an error for the following scenario: Indicator(pattern_type="stix", pattern="[url:value = 'http://example.com\'\'\'\'']")

Traceback (most recent call last): File "", line 1, in File "/Users/nirmal.neupane/ti-export/ti-export/lib/python3.9/site-packages/stix2/v21/sdo.py", line 250, in init super(Indicator, self).init(*args, **kwargs) File "/Users/nirmal.neupane/ti-export/ti-export/lib/python3.9/site-packages/stix2/base.py", line 232, in init self._check_object_constraints() File "/Users/nirmal.neupane/ti-export/ti-export/lib/python3.9/site-packages/stix2/v21/sdo.py", line 270, in _check_object_constraints raise InvalidValueError(self.class, 'pattern', str(errors[0])) stix2.exceptions.InvalidValueError: Invalid value for Indicator 'pattern': FAIL: Error found at line 1:33. mismatched input '''' expecting ']'

Looks like special characters needs to be escaped using escape characters in the literal string. The following command produces the following literal string: Indicator(pattern_type="stix", pattern="["+str(stix2.EqualityComparisonExpression(stix2.ObjectPath('url',['value']),'http://example.com\'\'\'\''))+"]")

Indicator(type='indicator', spec_version='2.1', id='indicator--e5bbda48-26fa-4225-b648-ff7398a33b8d', created='2022-01-13T22:38:42.933043Z', modified='2022-01-13T22:38:42.933043Z', pattern="[url:value = 'http://example.com\'\'\'\'']", pattern_type='stix', pattern_version='2.1', valid_from='2022-01-13T22:38:42.933043Z', revoked=False)

Therefore, the strings needs to be padded with extra escape characters, or use the stix2.ObjectPath function to encode patterns.

[nirmalneupane]

Opened an issue with the STIX2 Python library: https://github.com/oasis-open/cti-python-stix2/issues/536