rules: use six.string_types to better support py2

capa/features/extractors/viv/insn.py

@@ -7,7 +7,6 @@ from capa.features import MAX_BYTES_FEATURE_SIZE, Bytes, String, Characteristic
 from capa.features.insn import Number, Offset, Mnemonic
 from capa.features.extractors.viv.indirect_calls import NotFoundError, resolve_indirect_call
 
-
 # security cookie checks may perform non-zeroing XORs, these are expected within a certain
 # byte range within the first and returning basic blocks, this helps to reduce FP features
 SECURITY_COOKIE_BYTES_DELTA = 0x40

capa/rules.py

@@ -211,7 +211,7 @@ def parse_description(s, value_type, description=None):
     """
     s can be an int or a string
     """
-    if value_type != "string" and isinstance(s, str) and " = " in s:
+    if value_type != "string" and isinstance(s, six.string_types) and " = " in s:
         if description:
             raise InvalidRule(
                 'unexpected value: "%s", only one description allowed (inline description with ` = `)' % s
@@ -222,7 +222,7 @@ def parse_description(s, value_type, description=None):
     else:
         value = s
 
-    if isinstance(value, str):
+    if isinstance(value, six.string_types):
         if value_type == "bytes":
             try:
                 value = codecs.decode(value.replace(" ", ""), "hex")
@@ -801,7 +801,7 @@ class RuleSet(object):
         rules_filtered = set([])
         for rule in rules:
             for k, v in rule.meta.items():
-                if isinstance(v, str) and tag in v:
+                if isinstance(v, six.string_types) and tag in v:
                     logger.debug('using rule "%s" and dependencies, found tag in meta.%s: %s', rule.name, k, v)
                     rules_filtered.update(set(capa.rules.get_rules_and_dependencies(rules, rule.name)))
                     break