gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-22 07:10:29 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update test_scripts.py

Browse Source 
Here new_rule_path and expected_overlaps will be changed based on the new test rule designed.
Adding tests to check if the code works fine
This commit is contained in:
Aayush Goel
2023-05-10 14:39:16 +05:30
parent d91070c116
commit 187a4712cb
2 changed files with 36 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
scripts/detect_duplicate_features.py
View File

@@ -1,9 +1,13 @@
import sys
import logging
import argparse import argparse
import capa.main import capa.main
import capa.rules import capa.rules
import capa.engine as ceng import capa.engine as ceng
logger = logging.getLogger("detect_duplicate_features")
def get_child_features(feature: ceng.Statement) -> list: def get_child_features(feature: ceng.Statement) -> list:
""" """
@@ -43,13 +47,15 @@ def get_features(rule_path: str) -> list:
new_rule = capa.rules.Rule.from_yaml(f.read()) new_rule = capa.rules.Rule.from_yaml(f.read())
feature_list = get_child_features(new_rule.statement) feature_list = get_child_features(new_rule.statement)
except Exception as e: except Exception as e:
raise Warning("Error: " + rule_path + " " + str(type(e)) + " " + str(e)) logger.error("Error: New rule " + rule_path + " " + str(type(e)) + " " + str(e))
sys.exit(1)
return feature_list return feature_list
def find_overlapping_rules(new_rule_path, rules_path): def find_overlapping_rules(new_rule_path, rules_path):
if not new_rule_path.endswith(".yml"): if not new_rule_path.endswith(".yml"):
raise FileNotFoundError("FileNotFoundError ! New rule file name doesn't end with yml") logger.error("FileNotFoundError ! New rule file name doesn't end with .yml")
sys.exit(1)
# Loads features of new rule in a list. # Loads features of new rule in a list.
new_rule_features = get_features(new_rule_path) new_rule_features = get_features(new_rule_path)
@@ -84,8 +90,9 @@ def main():
new_rule_path = args.new_rule new_rule_path = args.new_rule
rules_path = args.rules rules_path = args.rules
try:
result = find_overlapping_rules(new_rule_path, rules_path) result = find_overlapping_rules(new_rule_path, rules_path)
print("\nNew rule path : %s" % new_rule_path) print("\nNew rule path : %s" % new_rule_path)
print("Number of rules checked : %s " % result["count"]) print("Number of rules checked : %s " % result["count"])
if result["overlapping_rules"]: if result["overlapping_rules"]:
@@ -96,9 +103,9 @@ def main():
print("Paths to overlapping rules : None") print("Paths to overlapping rules : None")
print("Number of rules containing same features : %s" % len(result["overlapping_rules"])) print("Number of rules containing same features : %s" % len(result["overlapping_rules"]))
print("\n") print("\n")
except Exception as e:
print(e) return len(result["overlapping_rules"])
if __name__ == "__main__": if __name__ == "__main__":
main() sys.exit(main())

12
tests/test_scripts.py
View File

@@ -82,3 +82,15 @@ def test_proto_conversion(tmpdir):
assert p.returncode == 0 assert p.returncode == 0
assert p.stdout.startswith(b'{\n "meta": ') or p.stdout.startswith(b'{\r\n "meta": ') assert p.stdout.startswith(b'{\n "meta": ') or p.stdout.startswith(b'{\r\n "meta": ')
def test_detect_duplicate_features():
new_rule_path = "collection/credit-card/parse-credit-card-information.yml"
args = [
get_rules_path(),
os.path.join(get_rules_path(), new_rule_path),
]
expected_overlaps = 49
script_path = get_script_path("detect_duplicate_features.py")
p = run_program(script_path, args)
assert p.returncode == expected_overlaps