Merge pull request #118 from fireeye/ana-fix-style

2025-12-26 12:50:58 -08:00 · 2020-07-07 19:00:04 +02:00
parent 758ee87fa1 a6ddd044c7
commit 3acfc413bf
7 changed files with 10 additions and 5 deletions
--- a/capa/features/extractors/ida/init.py
+++ b/capa/features/extractors/ida/init.py
@@ -47,6 +47,7 @@ class IdaFeatureExtractor(FeatureExtractor):

    def get_functions(self):
        import capa.features.extractors.ida.helpers as ida_helpers
+
        # ignore library functions and thunk functions as identified by IDA
        for f in ida_helpers.get_functions(skip_thunks=True, skip_libs=True):
            yield add_ea_int_cast(f)
@@ -65,6 +66,7 @@ class IdaFeatureExtractor(FeatureExtractor):

    def get_instructions(self, f, bb):
        import capa.features.extractors.ida.helpers as ida_helpers
+
        for insn in ida_helpers.get_instructions_in_range(bb.start_ea, bb.end_ea):
            yield add_ea_int_cast(insn)

--- a/capa/features/extractors/ida/basicblock.py
+++ b/capa/features/extractors/ida/basicblock.py
@@ -20,7 +20,6 @@ def get_printable_len(op):
    """
    op_val = capa.features.extractors.ida.helpers.mask_op_val(op)

-
    if op.dtype == idaapi.dt_byte:
        chars = struct.pack("<B", op_val)
    elif op.dtype == idaapi.dt_word:
@@ -72,6 +71,7 @@ def is_mov_imm_to_stack(insn):

    return True

+
 def bb_contains_stackstring(f, bb):
    """ check basic block for stackstring indicators

@@ -136,8 +136,9 @@ def main():
    for f in helpers.get_functions(skip_thunks=True, skip_libs=True):
        for bb in idaapi.FlowChart(f, flags=idaapi.FC_PREDS):
            features.extend(list(extract_features(f, bb)))
-            
+
    import pprint
+
    pprint.pprint(features)


--- a/capa/features/extractors/ida/file.py
+++ b/capa/features/extractors/ida/file.py
@@ -143,6 +143,7 @@ FILE_HANDLERS = (
 def main():
    """ """
    import pprint
+
    pprint.pprint(list(extract_features()))


--- a/capa/features/extractors/ida/function.py
+++ b/capa/features/extractors/ida/function.py
@@ -74,6 +74,7 @@ def main():
        features.extend(list(extract_features(f)))

    import pprint
+
    pprint.pprint(features)


--- a/capa/features/extractors/ida/insn.py
+++ b/capa/features/extractors/ida/insn.py
@@ -372,6 +372,7 @@ def main():
                features.extend(list(extract_features(f, bb, insn)))

    import pprint
+
    pprint.pprint(features)


--- a/capa/ida/explorer/item.py
+++ b/capa/ida/explorer/item.py
@@ -191,6 +191,7 @@ class CapaExplorerFunctionItem(CapaExplorerDataItem):

 class CapaExplorerSubscopeItem(CapaExplorerDataItem):
    """ store data relevant to subscope """
+
    fmt = "subscope(%s)"

    def __init__(self, parent, scope):
--- a/capa/ida/explorer/view.py
+++ b/capa/ida/explorer/view.py
@@ -114,9 +114,7 @@ class CapaExplorerQtreeView(QtWidgets.QTreeView):

            @yield QAction*
        """
-        function_actions = (
-            ("Rename function", data, self.slot_rename_function),
-        )
+        function_actions = (("Rename function", data, self.slot_rename_function),)

        # add function actions
        for action in function_actions: