fix: guard getByteDef against None for unmapped addresses in viv insn extractor

CHANGELOG.md

@@ -97,6 +97,7 @@
 - fix: use dest.value.value and indirect_src.value.value for LLIL_CONST call destinations in binja insn.py @williballenthin (SURF-47)
 - fix: remove duplicate getPrevLocation call and dead loc variable in get_previous_instructions @williballenthin (SURF-46)
 - fix: unpack getByteDef offset and slice buffer so ENDBRANCH check applies to target address, not segment start @williballenthin (SURF-45)
+- fix: guard getByteDef against None return for unmapped addresses in viv insn extractor @williballenthin #3057
 - fix: correct inverted loop structure in extract_function_loop so each block edge is recorded as (src, dest) @williballenthin (SURF-44)
 - fix: initialize addr to None in Ghidra import extractors to prevent UnboundLocalError when external functions have no data references @williballenthin (SURF-43)
 - fix: replace assert with isinstance guard in get_callee for invalid MethodSpec tokens @williballenthin

capa/features/extractors/viv/insn.py

@@ -142,9 +142,11 @@ def extract_insn_api_features(fh: FunctionHandle, bb, ih: InsnHandle) -> Iterato
                 break
 
             # if jump leads to an ENDBRANCH instruction, skip it
-            _offset, _buf = f.vw.getByteDef(target)
-            if _buf[_offset:].startswith(b"\xf3\x0f\x1e"):
-                target += 4
+            byte_def = f.vw.getByteDef(target)
+            if byte_def:
+                _offset, _buf = byte_def
+                if _buf[_offset:].startswith(b"\xf3\x0f\x1e"):
+                    target += 4
 
             target = capa.features.extractors.viv.helpers.get_coderef_from(f.vw, target)
             if not target:

capa/loader.py

@@ -21,8 +21,6 @@ from pathlib import Path
 
 from rich.console import Console
 
-from capa.helpers import assert_never
-
 import capa.rules
 import capa.helpers
 import capa.version
@@ -34,6 +32,7 @@ import capa.render.result_document as rdoc
 import capa.features.extractors.common
 from capa.rules import RuleSet
 from capa.engine import MatchResults
+from capa.helpers import assert_never
 from capa.exceptions import (
     UnsupportedOSError,
     UnsupportedArchError,

capa/render/verbose.py

@@ -37,12 +37,12 @@ from rich.table import Table
 import capa.rules
 import capa.helpers
 import capa.render.utils as rutils
-from capa.helpers import assert_never
 import capa.features.freeze as frz
 import capa.features.address
 import capa.render.result_document as rd
 from capa.rules import RuleSet
 from capa.engine import MatchResults
+from capa.helpers import assert_never
 from capa.render.utils import Console
 
 

capa/render/vverbose.py

@@ -22,7 +22,6 @@ from rich.table import Table
 import capa.rules
 import capa.helpers
 import capa.render.utils as rutils
-from capa.helpers import assert_never
 import capa.render.verbose
 import capa.features.common
 import capa.features.freeze as frz
@@ -31,6 +30,7 @@ import capa.render.result_document as rd
 import capa.features.freeze.features as frzf
 from capa.rules import RuleSet
 from capa.engine import MatchResults
+from capa.helpers import assert_never
 from capa.render.utils import Console
 
 logger = logging.getLogger(__name__)