The pattern semantic equivalence comparison expression DNF transformer rearranges an AST and can create new comparison expression AND nodes. Current AST AND node implementation will check whether all operands have an SCO type in common, as required by spec, and error if this is not the case. Some STIX patterns would cause the DNF transformer to create an AND node with no SCO types in common and trigger that error and crash.
For example:
[(a:b=1 OR b:c=1) AND (b:d=1 OR c:d=1)]
would DNF transform to:
[(a:b=1 AND b:d=1) OR (a:b=1 AND c:d=1) OR (b:c=1 AND b:d=1) OR (b:c=1 AND c:d=1)]
The first, second, and fourth AND expressions mix different SCO types and cause the error.
The pattern semantic equivalence comparison expression DNF transformer rearranges an AST and can create new comparison expression AND nodes. Current AST AND node implementation will check whether all operands have an SCO type in common, as required by spec, and error if this is not the case. Some STIX patterns would cause the DNF transformer to create an AND node with no SCO types in common and trigger that error and crash.
For example:
would DNF transform to:
The first, second, and fourth AND expressions mix different SCO types and cause the error.