client-python icon indicating copy to clipboard operation
client-python copied to clipboard

Published 20 hours ago verified publisher icon OpenCTI-Platform

Maximum recursion depth exceeded while calling a Python object

Open SYNchroACK opened this issue 2 years ago • 1 comments

Description

Maximum recursion depth exceeded while calling a Python object Related: #267

INFO:root:Listing Threat-Actors with filters null.
INFO:root:Listing Threat-Actors with filters null.
INFO:root:Connector registered with ID: 54443edaa-d890-4bfe-b151-d4e7f1c48dc
INFO:root:Starting ping alive thread
INFO:root:Initiate work for 54443edaa-d890-4bfe-b151-d4e7f1c48dc
Traceback (most recent call last):
  File "/opencti-dev/.trash/script.py", line 26, in <module>
    helper.send_stix2_bundle(
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/connector/opencti_connector_helper.py", line 842, in send_stix2_bundle
    bundles = stix2_splitter.split_bundle(bundle, True, event_version)
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 74, in split_bundle
    self.enlist_element(item["id"], raw_data)
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 24, in enlist_element
    nb_deps += self.enlist_element(element_ref, raw_data)
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 24, in enlist_element
    nb_deps += self.enlist_element(element_ref, raw_data)
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 24, in enlist_element
    nb_deps += self.enlist_element(element_ref, raw_data)
  [Previous line repeated 992 more times]
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 36, in enlist_element
    nb_deps += self.enlist_element(value, raw_data)
  File "/home/vscode/.local/lib/python3.10/site-packages/pycti/utils/opencti_stix2_splitter.py", line 14, in enlist_element
    existing_item = self.cache_index.get(item_id)
RecursionError: maximum recursion depth exceeded while calling a Python object
Killed

Environment

  1. PyCTI: 5.3.8

Reproducible Steps

from pycti import OpenCTIConnectorHelper
import requests

scopes = [
    "marking-definition",
    "identity",
    "attack-pattern",
    "course-of-action",
    "intrusion-set",
    "campaign",
    "malware",
    "tool",
    "report",
    "x-mitre-data-component",
    "x-mitre-data-source",
    "external-reference-as-report"
]

scopes = ",".join(scopes)

helper = OpenCTIConnectorHelper({})
work_id = helper.api.work.initiate_work(helper.connect_id, f"MITRE run @ someday")

response = requests.get("https://raw.githubusercontent.com/mitre/cti/master/capec/2.1/stix-capec.json")

helper.send_stix2_bundle(
    str(response.content),
    entities_types=scopes,
    update=False,
    work_id=work_id,
    # bypass_split=True
)

Using the bypass_split option in send_stix2_bundle did work. In this scenarios where are cycling dependencies, we should always use bypass_split?

SYNchroACK avatar Jan 21 '23 11:01 SYNchroACK

In the instance where bypass_split is enabled, certain bundles (e.g. CAPEC STIX Data) throw an error that the bundle is too large. Is there a workaround in the interim to ingest the data?

image

akshaysth avatar Feb 07 '23 14:02 akshaysth