From 5a10b612a1b206e7cdba5026339bb62377ab35bc Mon Sep 17 00:00:00 2001
From: Yacine Elhamer
Date: Mon, 12 Jun 2023 00:06:53 +0100
Subject: [PATCH] add a Mutex feature
---
 capa/features/common.py | 12 ++++++++++++
 capa/rules/__init__.py | 2 ++
 2 files changed, 14 insertions(+)
diff --git a/capa/features/common.py b/capa/features/common.py
index 2563887a..8318dee5 100644
--- a/capa/features/common.py
+++ b/capa/features/common.py
@@ -296,6 +296,18 @@ class Filename(String):
 return False


+class Mutex(String):
+ # todo: add a way to tell whether this mutex was created or used
+ def __init__(self, value: str, description=None):
+ super().__init__(value, description)
+
+ def __eq__(self, other):
+ # Mutex instance is in a ruleset
+ if isinstance(other, Mutex):
+ return super().__eq__(other)
+ return False
+
+
 class Regex(String):
 def __init__(self, value: str, description=None):
 super().__init__(value, description=description)
diff --git a/capa/rules/__init__.py b/capa/rules/__init__.py
index 9000fe92..01908790 100644
--- a/capa/rules/__init__.py
+++ b/capa/rules/__init__.py
@@ -265,6 +265,8 @@ def parse_feature(key: str):
 return capa.features.common.Registry
 elif key == "filename":
 return capa.features.common.Filename
+ elif key == "mutex":
+ return capa.features.common.Mutex
 elif key == "bytes":
 return capa.features.common.Bytes
 elif key == "number":
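Review bot: `Mutex` overrides `__eq__` without defining `__hash__`, and in Python a class that does so gets `__hash__ = None`, so its instances are unhashable unless the class restores it. If features are stored as dict keys or set members during matching (likely, but not visible in this hunk), a `mutex:` rule would raise `TypeError` rather than match; adding `def __hash__(self): return super().__hash__()` to the class fixes this, assuming the base class is hashable. The `__init__` only forwards to the parent and passes `description` positionally where `Regex` just below uses `description=description`, so it can be dropped or made consistent. The class is wholly inside the hunk; `Filename` above it is only partly visible, so whether it shares the gap cannot be told from here.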
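Review bot: The new `"mutex"` key is added to `parse_feature` without a test, and the diffstat shows only these two files changed. A small test that parses a rule containing `mutex: NAME` and matches it against an extracted `Mutex` feature would confirm the key is accepted end to end. If rule validation keeps a per-scope list of allowed feature types elsewhere in this module, that list may also need the new class (not visible here). `parse_feature` starts before and continues past this hunk.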