gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-22 15:16:22 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix show-capabilities-by-function

Browse Source
This commit is contained in:
Yacine Elhamer
2023-07-06 00:48:22 +01:00
parent 4649c9a61d
commit 47aebcbdd4
2 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
capa/rules/__init__.py
View File

@@ -1268,7 +1268,6 @@ class RuleSet:
walk through a rule's logic tree, indexing the easy and hard rules, walk through a rule's logic tree, indexing the easy and hard rules,
and the features referenced by easy rules. and the features referenced by easy rules.
""" """
print(f"nodeeeeeeeeeee == {node}")
if isinstance( if isinstance(
node, node,
( (

4
scripts/show-capabilities-by-function.py
View File

@@ -106,10 +106,10 @@ def render_matches_by_function(doc: rd.ResultDocument):
matches_by_function = collections.defaultdict(set) matches_by_function = collections.defaultdict(set)
for rule in rutils.capability_rules(doc): for rule in rutils.capability_rules(doc):
if rule.meta.scope == capa.rules.FUNCTION_SCOPE: if rule.meta.scopes == capa.rules.FUNCTION_SCOPE:
for addr, _ in rule.matches: for addr, _ in rule.matches:
matches_by_function[addr].add(rule.meta.name) matches_by_function[addr].add(rule.meta.name)
elif rule.meta.scope == capa.rules.BASIC_BLOCK_SCOPE: elif rule.meta.scopes == capa.rules.BASIC_BLOCK_SCOPE:
for addr, _ in rule.matches: for addr, _ in rule.matches:
function = functions_by_bb[addr] function = functions_by_bb[addr]
matches_by_function[function].add(rule.meta.name) matches_by_function[function].add(rule.meta.name)