cti-python-stix2 icon indicating copy to clipboard operation
cti-python-stix2 copied to clipboard
verified publisher icon oasis-open

Granular marking constraint checking is incorrect

Open chisholm opened this issue 1 year ago • 0 comments

The STIX 2.1 spec section 7.2.3 says that one cannot include both lang and marking_ref in a granular marking:

Because each granular marking instance applies to either a language or a marking, one and only one of these properties MUST be present on each instance of a granular marking.

The library does not check this:

import stix2

granular_marking = stix2.GranularMarking(
  lang="en",
  marking_ref=stix2.TLP_GREEN,
  selectors=["foo"]
)

granular_marking.fp_serialize(sys.stdout, indent=4)

results in:

{
    "lang": "en",
    "marking_ref": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
    "selectors": [
        "foo"
    ]
}

which is invalid.

chisholm avatar Feb 18 '24 21:02 chisholm