Can't add hashes for filenames with regex

[RichieB2B]

When I try to add a hash for a filename containing a regex like file\d{1}.\d{2}.exe, PyMISP throws this error:

Traceback (most recent call last):
  File "./import.py", line 178, in <module>
    readcsv(sys.argv[1])
  File "./import.py", line 163, in readcsv
    r = mymisp.add_hashes(event, filename=row[1], md5=md5, sha1=sha1, sha256=sha256, comment=comment)
  File "/opt/rh/rh-python34/root/usr/lib/python3.4/site-packages/pymisp/api.py", line 448, in add_hashes
    attributes.append(self._prepare_full_attribute(category, type_value.format('md5'), value.format(md5),
IndexError: tuple index out of range

This is because the filename is interpreted as a format string in https://github.com/MISP/PyMISP/blob/master/pymisp/api.py#L455

[Rafiot]

Hmmm, can you print the content of row?

Because that snippet works:

In [1]: a = 'file\d{1}.\d{2}.exe'
In [2]: '{}'.format(a)
Out[2]: 'file\\d{1}.\\d{2}.exe'

[RichieB2B]

But that snippet does not use the PyMISP API code. This one does:

filename = 'file\d{1}.\d{2}.exe'
md5 = 'd41d8cd98f00b204e9800998ecf8427e'
value = filename + '|{}'
value.format(md5)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IndexError: tuple index out of range

[Rafiot]

grmbl, right, sorry for that, fixing

[Rafiot]

That should do the trick.