dedup code

capa/render/__init__.py

@@ -10,6 +10,7 @@ import json
 
 import capa.rules
 import capa.engine
+import capa.render.utils
 
 
 def convert_statement_to_result_document(statement):
@@ -210,21 +211,14 @@ def convert_meta_to_result_document(meta):
     return meta
 
 
-def parse_canonical_attack(attck):
+def parse_canonical_attack(attack):
     """
     parse capa's canonical ATT&CK representation: `Tactic::Technique::Subtechnique [Identifier]`
     """
-    id = ""
     tactic = ""
     technique = ""
     subtechnique = ""
-    parts = attck.split("::")
-    if len(parts) > 0:
-        last = parts.pop()
-        last, _, id = last.rpartition(" ")
-        id = id.lstrip("[").rstrip("]")
-        parts.append(last)
-
+    parts, id = capa.render.utils.parse_parts_id(attack)
     if len(parts) > 0:
         tactic = parts[0]
     if len(parts) > 1:
@@ -245,17 +239,10 @@ def parse_canonical_mbc(mbc):
     """
     parse capa's canonical MBC representation: `Objective::Behavior::Method [Identifier]`
     """
-    id = ""
     objective = ""
     behavior = ""
     method = ""
-    parts = mbc.split("::")
-    if len(parts) > 0:
-        last = parts.pop()
-        last, _, id = last.rpartition(" ")
-        id = id.lstrip("[").rstrip("]")
-        parts.append(last)
-
+    parts, id = capa.render.utils.parse_parts_id(mbc)
     if len(parts) > 0:
         objective = parts[0]
     if len(parts) > 1:

capa/render/utils.py

@@ -29,6 +29,17 @@ def hex(n):
         return "0x%X" % n
 
 
+def parse_parts_id(s):
+    id = ""
+    parts = s.split("::")
+    if len(parts) > 0:
+        last = parts.pop()
+        last, _, id = last.rpartition(" ")
+        id = id.lstrip("[").rstrip("]")
+        parts.append(last)
+    return parts, id
+
+
 def format_parts_id(data):
     """
     format canonical representation of ATT&CK/MBC parts and ID