gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-06-12 11:01:31 -07:00
Code Issues Packages Projects Releases Wiki Activity

fix: invert scope filter in import-to-ida.py so function-scope rules are annotated

Browse Source 
The condition was skipping FUNCTION-scope rules instead of keeping them,
causing the script to never annotate any functions. Invert to match the
correct logic in import-to-bn.py.
This commit is contained in:
Willi Ballenthin
2026-04-22 21:54:53 +03:00
committed by Willi Ballenthin
parent 74010ba03f
commit 4da1addfb3
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+1
View File
@@ -50,6 +50,7 @@
- fix: correct wrong dict key in VMRay _compute_monitor_threads assertion (used thread_id instead of process_id) @williballenthin
fix: replace assert with isinstance guard in get_callee for invalid MethodSpec tokens @williballenthin
- fix: replace assert with isinstance guard in get_callee for invalid MethodSpec tokens @williballenthin
- fix: invert scope filter in import-to-ida.py so function-scope rules are annotated instead of skipped @williballenthin (SURF-81)
- fix: remove dead string literal in test_detect_duplicate_features @williballenthin (SURF-80)
- fix: remove duplicate Rule.from_yaml call in test_scope_instruction_description @williballenthin (SURF-79)
- fix: remove unused imports of capa.helpers, capa.features.basicblock, and redundant bare capa.features.extractors.base_extractor from test_freeze_dynamic.py @williballenthin (SURF-78)
scripts/import-to-ida.py
+1 -1
View File
@@ -96,7 +96,7 @@ def main():
continue
if rule.meta.is_subscope_rule:
continue
if rule.meta.scopes.static == capa.rules.Scope.FUNCTION:
if rule.meta.scopes.static != capa.rules.Scope.FUNCTION:
continue
ns = rule.meta.namespace