From 3d1ef51863e46ea602b2b668c956abdb5a87b75c Mon Sep 17 00:00:00 2001 From: Pratham Chauhan Date: Wed, 5 Apr 2023 17:33:05 +0530 Subject: [PATCH] revert --- capa/ida/plugin/form.py | 8 ++++---- tests/test_function_id.py | 6 +++--- tests/test_rules.py | 14 +++++++------- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/capa/ida/plugin/form.py b/capa/ida/plugin/form.py index 75e04b9e..30f41f9f 100644 --- a/capa/ida/plugin/form.py +++ b/capa/ida/plugin/form.py @@ -607,8 +607,8 @@ class CapaExplorerForm(idaapi.PluginForm): except UserCancelledError as e: capa.ida.helpers.inform_user_ida_ui("Analysis requires capa rules") logger.warning( - f"You must specify a directory containing capa rules before running analysis. " - f"Download and extract the official rules from {CAPA_OFFICIAL_RULESET_URL} (recommended)." + "You must specify a directory containing capa rules before running analysis.%s", + f"Download and extract the official rules from {CAPA_OFFICIAL_RULESET_URL} (recommended).", ) return False except Exception as e: @@ -706,8 +706,8 @@ class CapaExplorerForm(idaapi.PluginForm): capa.ida.helpers.inform_user_ida_ui("Cached results were generated using different capas rules") logger.warning( - "capa is showing you cached results from a previous analysis run. " - "Your rules have changed since and you should reanalyze the program to see new results." + "capa is showing you cached results from a previous analysis run.%s ", + "Your rules have changed since and you should reanalyze the program to see new results.", ) view_status_rules = "no rules matched for cache" diff --git a/tests/test_function_id.py b/tests/test_function_id.py index f256db32..65af1ae0 100644 --- a/tests/test_function_id.py +++ b/tests/test_function_id.py 
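Review bot: The rewritten `logger.warning` call in the first form.py hunk (around line 607) places `%s` directly after `analysis.`, so the two sentences are logged run together with no space between them. It also still passes an f-string as the argument, so the URL is interpolated before the logger decides whether to emit the record. The second form.py hunk (around line 706) has the same shape: `run.%s ` joins the sentences without a space and leaves a trailing one, and its argument is a constant string that needs no placeholder at all. I would write the first call as `"You must specify a directory containing capa rules before running analysis. Download and extract the official rules from %s (recommended).", CAPA_OFFICIAL_RULESET_URL,` and keep the second message as a single plain literal. Both calls sit in `CapaExplorerForm` methods whose bodies start and end outside the hunks, so the surrounding control flow was not reviewed.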
@@ -4,20 +4,20 @@ import capa.features.insn def test_function_id_simple_match(pma16_01_extractor): - assert pma16_01_extractor.is_library_function(4224144) is True + assert pma16_01_extractor.is_library_function(0x407490) is True assert pma16_01_extractor.get_function_name(0x407490) == "__aulldiv" def test_function_id_gz_pat(pma16_01_extractor): # aullrem is stored in `test_aullrem.pat.gz` - assert pma16_01_extractor.is_library_function(4224256) is True + assert pma16_01_extractor.is_library_function(0x407500) is True assert pma16_01_extractor.get_function_name(0x407500) == "__aullrem" def test_function_id_complex_match(pma16_01_extractor): # 0x405714 is __spawnlp which requires recursive match of __spawnvp at 0x407FAB # (and __spawnvpe at 0x409DE8) - assert pma16_01_extractor.is_library_function(4216596) is True + assert pma16_01_extractor.is_library_function(0x405714) is True assert pma16_01_extractor.get_function_name(0x405714) == "__spawnlp" diff --git a/tests/test_rules.py b/tests/test_rules.py index 0a2e68d1..b5eab288 100644 --- a/tests/test_rules.py +++ b/tests/test_rules.py @@ -467,11 +467,11 @@ def test_number_symbol(): r = capa.rules.Rule.from_yaml(rule) children = list(r.statement.get_children()) assert (Number(1) in children) is True - assert (Number(4294967295) in children) is True + assert (Number(0xFFFFFFFF) in children) is True assert (Number(2, description="symbol name") in children) is True assert (Number(3, description="symbol name") in children) is True assert (Number(4, description="symbol name = another name") in children) is True - assert (Number(256, description="symbol name") in children) is True + assert (Number(0x100, description="symbol name") in children) is True def test_count_number_symbol(): 
@@ -491,8 +491,8 @@ def test_count_number_symbol(): assert r.evaluate({Number(2): set()}) is False assert r.evaluate({Number(2): {ADDR1}}) is True assert r.evaluate({Number(2): {ADDR1, ADDR2}}) is False - assert r.evaluate({Number(256, description="symbol name"): {ADDR1}}) is False - assert r.evaluate({Number(256, description="symbol name"): {ADDR1, ADDR2, ADDR3}}) is True + assert r.evaluate({Number(0x100, description="symbol name"): {ADDR1}}) is False + assert r.evaluate({Number(0x100, description="symbol name"): {ADDR1, ADDR2, ADDR3}}) is True def test_invalid_number(): @@ -557,7 +557,7 @@ def test_offset_symbol(): assert (Offset(2, description="symbol name") in children) is True assert (Offset(3, description="symbol name") in children) is True assert (Offset(4, description="symbol name = another name") in children) is True - assert (Offset(256, description="symbol name") in children) is True + assert (Offset(0x100, description="symbol name") in children) is True def test_count_offset_symbol(): @@ -577,8 +577,8 @@ def test_count_offset_symbol(): assert r.evaluate({Offset(2): set()}) is False assert r.evaluate({Offset(2): {ADDR1}}) is True assert r.evaluate({Offset(2): {ADDR1, ADDR2}}) is False - assert r.evaluate({Offset(256, description="symbol name"): {ADDR1}}) is False - assert r.evaluate({Offset(256, description="symbol name"): {ADDR1, ADDR2, ADDR3}}) is True + assert r.evaluate({Offset(0x100, description="symbol name"): {ADDR1}}) is False + assert r.evaluate({Offset(0x100, description="symbol name"): {ADDR1, ADDR2, ADDR3}}) is True def test_invalid_offset():