gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 11:07:53 -08:00
Code Issues Packages Projects Releases Wiki Activity

elffile: extract global features

Browse Source
This commit is contained in:
William Ballenthin
2021-09-13 13:51:19 -06:00
parent 02d9d37c1e
commit 0803c6f3fa
1 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
capa/features/extractors/elffile.py
View File

@@ -91,8 +91,18 @@ FILE_HANDLERS = (
extract_file_section_names,
extract_file_strings,
# no library matching
extract_file_os,
extract_file_format,
)
def extract_global_features(elf: ELFFile, buf: bytes) -> Iterator[Tuple[Feature, int]]:
for global_handler in GLOBAL_HANDLERS:
for feature, va in global_handler(elf=elf, buf=buf): # type: ignore
yield feature, va
GLOBAL_HANDLERS = (
extract_file_os,
extract_file_arch,
)
@@ -110,6 +120,13 @@ class ElfFeatureExtractor(FeatureExtractor):
if segment.header.p_type == "PT_LOAD":
return segment.header.p_vaddr
def extract_global_features(self):
with open(self.path, "rb") as f:
buf = f.read()
for feature, va in extract_global_features(self.elf, buf):
yield feature, va
def extract_file_features(self):
with open(self.path, "rb") as f:
buf = f.read()