gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-17 23:25:50 -08:00
Code Issues Packages Projects Releases Wiki Activity

dotnet: emit calls to/from MethodDef methods (#1236)

Browse Source 
* dotnet: emit calls to/from MethodDef methods

* dotnet: update function.py copyright header
This commit is contained in:
Mike Hunhoff
2022-12-19 15:06:16 -07:00
committed by GitHub
parent 2b85af0f88
commit 4ece47c64c
4 changed files with 91 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tests/fixtures.py
View File

@@ -753,6 +753,10 @@ FEATURE_PRESENCE_TESTS_DOTNET = sorted(
("_1c444", "function=0x1F68", capa.features.insn.API("GetWindowDC"), True),
("_1c444", "function=0x1F68", capa.features.insn.API("user32.GetWindowDC"), True),
("_1c444", "function=0x1F68", capa.features.insn.Number(0xCC0020), True),
("_1c444", "token=0x600001D", capa.features.common.Characteristic("calls to"), True),
("_1c444", "token=0x6000018", capa.features.common.Characteristic("calls to"), False),
("_1c444", "token=0x600001D", capa.features.common.Characteristic("calls from"), True),
("_1c444", "token=0x600000F", capa.features.common.Characteristic("calls from"), False),
("_1c444", "function=0x1F68", capa.features.insn.Number(0x0), True),
("_1c444", "function=0x1F68", capa.features.insn.Number(0x1), False),
("_692f", "token=0x6000004", capa.features.insn.API("System.Linq.Enumerable::First"), True), # generic method
@@ -950,7 +954,10 @@ FEATURE_COUNT_TESTS = [
]
FEATURE_COUNT_TESTS_DOTNET = [] # type: ignore
FEATURE_COUNT_TESTS_DOTNET = [
("_1c444", "token=0x600001D", capa.features.common.Characteristic("calls to"), 1),
("_1c444", "token=0x600001D", capa.features.common.Characteristic("calls from"), 9),
]
def do_test_feature_presence(get_extractor, sample, scope, feature, expected):