From 6b2710ac7ecb0f176b4f8a4399fd3ebb395862ea Mon Sep 17 00:00:00 2001
From: Yacine Elhamer
Date: Fri, 2 Jun 2023 22:43:58 +0100
Subject: [PATCH] fix broken logic in extract_function_symtab_names()
---
 capa/features/extractors/viv/function.py | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/capa/features/extractors/viv/function.py b/capa/features/extractors/viv/function.py
index ab35fa7b..a75f9311 100644
--- a/capa/features/extractors/viv/function.py
+++ b/capa/features/extractors/viv/function.py
@@ -34,17 +34,18 @@ def extract_function_symtab_names(fh: FunctionHandle) -> Iterator[Tuple[Feature,
 if fh.inner.vw.metadata["Format"] == "Elf":
 # the file's symbol table gets added to the metadata of the vivisect workspace.
 # this is in order to eliminate the computational overhead of refetching symtab each time.
- fh.ctx["cache"]["symtab"] = SymTab.from_Elf(fh.inner.vw.parsedbin)
+ if "symtab" not in fh.ctx["cache"]:
+ fh.ctx["cache"]["symtab"] = SymTab.from_Elf(fh.inner.vw.parsedbin)
- symtab = fh.ctx["cache"]["symtab"]
- for symbol in symtab.get_symbols():
- sym_name = symtab.get_name(symbol)
- sym_value = symbol.value
- sym_info = symbol.info
+ symtab = fh.ctx["cache"]["symtab"]
+ for symbol in symtab.get_symbols():
+ sym_name = symtab.get_name(symbol)
+ sym_value = symbol.value
+ sym_info = symbol.info
- STT_FUNC = 0x2
- if sym_value == fh.address and sym_info & STT_FUNC != 0:
- yield FunctionName(sym_name), fh.address
+ STT_FUNC = 0x2
+ if sym_value == fh.address and sym_info & STT_FUNC != 0:
+ yield FunctionName(sym_name), fh.address
 def extract_function_calls_to(fhandle: FunctionHandle) -> Iterator[Tuple[Feature, Address]]:
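Review bot: The type test in the re-indented `if sym_value == fh.address and sym_info & STT_FUNC != 0:` line checks a single bit rather than the symbol type, so any symbol whose type has bit 1 set passes, not only functions. Assuming `symbol.info` is the raw ELF `st_info` byte (binding in the high nibble, type in the low nibble), STT_SECTION (3) and STT_GNU_IFUNC (10) entries whose value equals `fh.address` would also be emitted as `FunctionName` features. Because the symbol table comes from the file under analysis, non-function entries could attach names to functions and skew rule matches; the comparison should be `if sym_value == fh.address and (sym_info & 0xF) == STT_FUNC:`. The function's signature lies above the hunk (it appears only in the `@@` header), so this is based on the body lines shown here.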