stix_diff throws an error on V1.0

Open mvglasow opened this issue 4 years ago • 1 comments

To reproduce:

  1. Obtain enterprise_attack.json from the git releases tagged ATT&CK_v1.0 and ATT&CK_v8.2 respectively, and save them locally.
  2. Run python3 diff_stix.py -old ~/Documents/attack/V1.0 -new ~/Documents/attack/V8.2 -types technique -domains enterprise-attack -markdown ~/Documents/attack/diff-v1_0-v8_2.md.

Expected output:

The script completes and produces a markdown file at the specified location.

Actual output:

An error is thrown and no output is produced.

ERROR: cannot get old version for object: attack-pattern--7dd95ff6-712e-4056-9626-312ea4ab4c5e
Traceback (most recent call last):
  File "diff_stix.py", line 657, in <module>
    verbose=args.verbose
  File "diff_stix.py", line 124, in __init__
    self.load_data()
  File "diff_stix.py", line 275, in load_data
    if new_version > old_version:
UnboundLocalError: local variable 'old_version' referenced before assignment

Versions used:

c544101b on Ubuntu 18.04

Additional information:

If I use V5.0 as old, the script completes successfully. I didn’t investigate which versions are affected, but suspect it might be related to #55.

mvglasow, Jan 29 '21 12:01

Hi @mvglasow,

Older versions of ATT&CK have a somewhat different data model and not all the scripts on this repository support the older data model. The error in this case is likely that version numbers did not exist prior to ATT&CK version 3 (October 2018). We will generally try to maintain backwards compatibility for the last few versions but incompatibility is to be expected if you go too far back.

We should probably make this more clear in the documentation or at least make the scripts error more clearly when an incompatible version is used, so I will leave this issue up to document that need.

isaisabel, Feb 01 '21 13:02
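
An added example (not part of this thread and not the repository's code) of the clearer failure the reply above calls for: a pre-flight check that rejects a bundle whose objects carry no version number, before any comparison runs. It assumes per-object versions are stored in the `x_mitre_version` property; the function names and the sample bundles are constructed for illustration.

```python
# Pre-flight compatibility check before diffing two ATT&CK STIX bundles.
# Assumption: object versions live in the "x_mitre_version" property.
VERSION_KEY = "x_mitre_version"


class IncompatibleBundleError(ValueError):
    """Raised when a bundle predates per-object version numbers."""


def unversioned_ids(bundle, stix_type="attack-pattern"):
    """Return IDs of objects of stix_type that carry no version property."""
    return [
        obj["id"]
        for obj in bundle.get("objects", [])
        if obj.get("type") == stix_type and VERSION_KEY not in obj
    ]


def require_versions(bundle, label, stix_type="attack-pattern"):
    """Fail early with a readable message instead of an UnboundLocalError later."""
    missing = unversioned_ids(bundle, stix_type)
    if missing:
        raise IncompatibleBundleError(
            f"{label} bundle: {len(missing)} {stix_type} object(s) have no "
            f"{VERSION_KEY} (first: {missing[0]}); this release predates "
            "object versioning and cannot be diffed"
        )


def parse_version(obj):
    """Turn "1.10" into (1, 10) so that 1.10 compares greater than 1.9."""
    return tuple(int(part) for part in obj[VERSION_KEY].split("."))


# Constructed sample bundles; only the object ID is taken from the issue text.
OBJ_ID = "attack-pattern--7dd95ff6-712e-4056-9626-312ea4ab4c5e"
OLD_BUNDLE = {"type": "bundle", "objects": [
    {"type": "attack-pattern", "id": OBJ_ID},
]}
NEW_BUNDLE = {"type": "bundle", "objects": [
    {"type": "attack-pattern", "id": OBJ_ID, VERSION_KEY: "1.10"},
]}

if __name__ == "__main__":
    require_versions(NEW_BUNDLE, "new")  # passes silently
    try:
        require_versions(OLD_BUNDLE, "old")
    except IncompatibleBundleError as err:
        print(f"ERROR: {err}")
```
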

Admin note: closing all remaining issues and pull requests prior to archiving the repository

jondricek, Dec 11 '23 17:12