gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-22 23:26:21 -08:00
Code Issues Packages Projects Releases Wiki Activity

add thread scope

Browse Source
This commit is contained in:
Yacine Elhamer
2023-06-28 13:08:11 +01:00
parent 0d38f85db7
commit 2b163edc0e
4 changed files with 63 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
tests/test_main.py
View File

@@ -145,12 +145,25 @@ def test_ruleset():
"""
)
),
capa.rules.Rule.from_yaml(
textwrap.dedent(
"""
rule:
meta:
name: thread rule
scope: thread
features:
- api: RegDeleteKey
"""
)
),
]
)
assert len(rules.file_rules) == 1
assert len(rules.function_rules) == 1
assert len(rules.basic_block_rules) == 1
assert len(rules.process_rules) == 1
assert len(rules.thread_rules) == 1
def test_match_across_scopes_file_function(z9324d_extractor):