From 63cd70029f1b4a79883be5a0e55642cde705251e Mon Sep 17 00:00:00 2001
From: Moritz Raabe
Date: Wed, 2 Jun 2021 11:06:49 +0200
Subject: [PATCH] dedup code
---
 capa/render/__init__.py | 21 ++++-----------------
 capa/render/utils.py | 11 +++++++++++
 2 files changed, 15 insertions(+), 17 deletions(-)
diff --git a/capa/render/__init__.py b/capa/render/__init__.py
index eec22281..76b840ca 100644
--- a/capa/render/__init__.py
+++ b/capa/render/__init__.py
@@ -10,6 +10,7 @@
 import json
 import capa.rules
 import capa.engine
+import capa.render.utils
 def convert_statement_to_result_document(statement):
@@ -210,21 +211,14 @@ def convert_meta_to_result_document(meta):
 return meta
-def parse_canonical_attack(attck):
+def parse_canonical_attack(attack):
 """
 parse capa's canonical ATT&CK representation: `Tactic::Technique::Subtechnique [Identifier]`
 """
- id = ""
 tactic = ""
 technique = ""
 subtechnique = ""
- parts = attck.split("::")
- if len(parts) > 0:
- last = parts.pop()
- last, _, id = last.rpartition(" ")
- id = id.lstrip("[").rstrip("]")
- parts.append(last)
-
+ parts, id = capa.render.utils.parse_parts_id(attack)
 if len(parts) > 0:
 tactic = parts[0]
 if len(parts) > 1:
@@ -245,17 +239,10 @@ def parse_canonical_mbc(mbc):
 """
 parse capa's canonical MBC representation: `Objective::Behavior::Method [Identifier]`
 """
- id = ""
 objective = ""
 behavior = ""
 method = ""
- parts = mbc.split("::")
- if len(parts) > 0:
- last = parts.pop()
- last, _, id = last.rpartition(" ")
- id = id.lstrip("[").rstrip("]")
- parts.append(last)
-
+ parts, id = capa.render.utils.parse_parts_id(mbc)
 if len(parts) > 0:
 objective = parts[0]
 if len(parts) > 1:
diff --git a/capa/render/utils.py b/capa/render/utils.py
index b9ae0c1b..39ec5f3e 100644
--- a/capa/render/utils.py
+++ b/capa/render/utils.py
@@ -29,6 +29,17 @@ def hex(n):
 return "0x%X" % n
+def parse_parts_id(s):
+ id = ""
+ parts = s.split("::")
+ if len(parts) > 0:
+ last = parts.pop()
+ last, _, id = last.rpartition(" ")
+ id = id.lstrip("[").rstrip("]")
+ parts.append(last)
+ return parts, id
+
+
 def format_parts_id(data):
 """
 format canonical representation of ATT&CK/MBC parts and ID
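Review bot: `parse_parts_id` takes whatever follows the last space of the final `::` segment as the identifier, so a string with no trailing `[Identifier]` loses the last word of its technique or behavior name to the ID field, and a segment with no space at all becomes the ID and leaves the last part empty. Both `parse_canonical_attack` and `parse_canonical_mbc` in capa/render/__init__.py now inherit this, and a mis-split ATT&CK/MBC mapping would appear in the rendered result without any error. Unless the canonical format is enforced before this point (not visible in the diff), split only when the bracket is present: `if last.endswith("]"):` followed by `last, _, id = last.rpartition(" ")`. The existing `len(parts) > 0` test is always true because `str.split` never returns an empty list, and the local `id` shadows the builtin. The helper also lacks a docstring, unlike its neighbour `format_parts_id`; a one-liner such as `"""split "A::B::C [ID]" into the list of parts and the ID string"""` would document the contract.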