From 1b4a087c4bd8d2ed42c6db462ed5c7a5fac848ed Mon Sep 17 00:00:00 2001
From: William Ballenthin <william.ballenthin@fireeye.com>
Date: Tue, 15 Jun 2021 11:44:02 -0600
Subject: [PATCH] render: don't stomp on meta dictionary

fixes a bug in bulk-process in which rules are evaluated multiple times
so meta cannot be updated in place.
---
 capa/render/result_document.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/capa/render/result_document.py b/capa/render/result_document.py
index 8c3703cd..fa74fb7d 100644
--- a/capa/render/result_document.py
+++ b/capa/render/result_document.py
@@ -5,6 +5,8 @@
 # Unless required by applicable law or agreed to in writing, software distributed under the License
 #  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and limitations under the License.
+import copy
+
 import capa.rules
 import capa.engine
 import capa.render.utils
@@ -202,6 +204,9 @@ def convert_match_to_result_document(rules, capabilities, result):
 
 
 def convert_meta_to_result_document(meta):
+    # make a copy so that we don't modify the given parameter
+    meta = copy.deepcopy(meta)
+
     attacks = meta.get("att&ck", [])
     meta["att&ck"] = [parse_canonical_attack(attack) for attack in attacks]
     mbcs = meta.get("mbc", [])