diff --git a/.github/flake8.ini b/.github/flake8.ini index 5e0eb3fe..f949f801 100644 --- a/.github/flake8.ini +++ b/.github/flake8.ini @@ -24,7 +24,6 @@ extend-ignore = # makes lines too long SIM117 - per-file-ignores = # T201 print found. # @@ -35,4 +34,8 @@ per-file-ignores = # IDA tests emit results to output window so need to print tests/test_ida_features.py: T201 # utility used to find the Binary Ninja API via invoking python.exe - capa/features/extractors/binja/find_binja_api.py: T201 \ No newline at end of file + capa/features/extractors/binja/find_binja_api.py: T201 + +copyright-check = True +copyright-min-file-size = 1 +copyright-regexp = Copyright \(C\) 2023 Mandiant, Inc. All Rights Reserved. \ No newline at end of file diff --git a/.github/ruff.toml b/.github/ruff.toml index 3a5254a9..306cc891 100644 --- a/.github/ruff.toml +++ b/.github/ruff.toml @@ -41,21 +41,3 @@ exclude = [ "*_pb2.py", "*_pb2.pyi" ] - -[per-file-ignores] -# until we address #1592 and move test fixtures into conftest.py -# then we need to ignore imports done to enable pytest fixtures. -# -# F401: `foo` imported but unused -# F811 Redefinition of unused `foo` -"tests/test_main.py" = ["F401", "F811"] -"tests/test_proto.py" = ["F401", "F811"] -"tests/test_freeze.py" = ["F401", "F811"] -"tests/test_function_id.py" = ["F401", "F811"] -"tests/test_viv_features.py" = ["F401", "F811"] -"tests/test_binja_features.py" = ["F401", "F811"] -"tests/test_pefile_features.py" = ["F401", "F811"] -"tests/test_dnfile_features.py" = ["F401", "F811"] -"tests/test_dotnet_features.py" = ["F401", "F811"] -"tests/test_result_document.py" = ["F401", "F811"] -"tests/test_dotnetfile_features.py" = ["F401", "F811"] diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 08797988..73822bfb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
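Review bot: The `copyright-regexp` added at the end of the second flake8.ini hunk pins the year to 2023 and leaves its dots unescaped, so every `.` matches any character. If headers are meant to carry the year a file was created, a file added later with a correct header would fail the lint until the config and all headers are rewritten again. A year-agnostic, fully escaped pattern avoids that: `copyright-regexp = Copyright \(C\) \d{4} Mandiant, Inc\. All Rights Reserved\.`. The file also still ends without a trailing newline, and the `per-file-ignores` list these keys follow begins above the hunk.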
@@ -1,14 +1,14 @@ name: build -permissions: - contents: write - on: pull_request: branches: [ master ] release: types: [edited, published] +permissions: + contents: write + jobs: build: name: PyInstaller for ${{ matrix.os }} diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 6390e184..853a5cc4 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -7,6 +7,8 @@ on: pull_request_target: types: [opened, edited, synchronize] +permissions: read-all + jobs: check_changelog: # no need to check for dependency updates via dependabot diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 390a814f..314f5261 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -2,13 +2,13 @@ # https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/ name: publish to pypi -permissions: - contents: write - on: release: types: [published] +permissions: + contents: write + jobs: pypi-publish: runs-on: ubuntu-latest diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index 87bf8f45..752a008e 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -4,6 +4,8 @@ on: release: types: [published] +permissions: read-all + jobs: tag: name: Tag capa rules diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 577c153d..e5265340 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -6,6 +6,8 @@ on: pull_request: branches: [ master, backend-ghidra ] +permissions: read-all + # save workspaces to speed up testing env: CAPA_SAVE_WORKSPACE: "True" 
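Review bot: Moving the block below `on:` in build.yml keeps `contents: write` at workflow level, so the PyInstaller build triggered by `pull_request` runs with a write-capable token whenever the PR branch lives in this repository (fork PRs get a read-only token by default). Only the step that attaches binaries to a release should need write access. Consider a workflow default of `permissions: { contents: read }` and `permissions: { contents: write }` on the job that uploads release assets; the jobs section continues outside this hunk, so which job that is needs confirming. The publish.yml hunk makes the same move but triggers only on `release`, so the exposure there is smaller.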
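Review bot: `permissions: read-all` in changelog.yml still grants read on every scope to a workflow triggered by `pull_request_target`, which runs in the base repository's context with access to its secrets. A changelog check most likely needs only PR metadata, so a narrower grant such as `permissions:` with `pull-requests: read` would fit better; the `check_changelog` job body is outside the hunk, so confirm what it actually calls. It is also worth adding a comment above the block, e.g. `# pull_request_target runs with base-repo privileges: never check out or execute the PR head here`. tag.yml and tests.yml add the same `read-all`; `contents: read` is probably sufficient for both.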
@@ -27,10 +29,11 @@ jobs: steps: - name: Checkout capa uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - - name: Set up Python 3.8 + # use latest available python to take advantage of best performance + - name: Set up Python 3.11 uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: - python-version: "3.8" + python-version: "3.11" - name: Install dependencies run: pip install -e .[dev] - name: Lint with ruff @@ -51,10 +54,10 @@ jobs: uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 with: submodules: recursive - - name: Set up Python 3.8 + - name: Set up Python 3.11 uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: - python-version: "3.8" + python-version: "3.11" - name: Install capa run: pip install -e .[dev] - name: Run rule linter diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e5b774f..f16a529c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,11 +61,14 @@ - tests: refine the IDA test runner script #1513 @williballenthin - output: don't leave behind traces of progress bar @williballenthin - import-to-ida: fix bug introduced with JSON report changes in v5 #1584 @williballenthin +- main: don't show spinner when emitting debug messages #1636 @williballenthin ### capa explorer IDA Pro plugin ### Development - update ATT&CK/MBC data for linting #1568 @mr-tz +- log time taken to analyze each function #1290 @williballenthin +- tests: make fixture available via conftest.py #1592 @williballenthin ### Raw diffs - [capa v5.1.0...master](https://github.com/mandiant/capa/compare/v5.1.0...master) diff --git a/LICENSE.txt b/LICENSE.txt index 6a1de7cf..861a3e4f 100644 --- a/LICENSE.txt +++ b/LICENSE.txt 
@@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright (C) 2020 Mandiant, Inc. + Copyright (C) 2023 Mandiant, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/capa/engine.py b/capa/engine.py index d498639d..8ae36d3e 100644 --- a/capa/engine.py +++ b/capa/engine.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/exceptions.py b/capa/exceptions.py index 8c939997..e080791a 100644 --- a/capa/exceptions.py +++ b/capa/exceptions.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. class UnsupportedRuntimeError(RuntimeError): pass diff --git a/capa/features/address.py b/capa/features/address.py index 251b498a..42828495 100644 --- a/capa/features/address.py +++ b/capa/features/address.py 
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import abc diff --git a/capa/features/basicblock.py b/capa/features/basicblock.py index 09f1b26d..5d768ea2 100644 --- a/capa/features/basicblock.py +++ b/capa/features/basicblock.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/common.py b/capa/features/common.py index 5ea1612b..3216c38e 100644 --- a/capa/features/common.py +++ b/capa/features/common.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/base_extractor.py b/capa/features/extractors/base_extractor.py index 3be983ed..09776df2 100644 --- a/capa/features/extractors/base_extractor.py +++ b/capa/features/extractors/base_extractor.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/basicblock.py b/capa/features/extractors/binja/basicblock.py
index eff597b5..30af516d 100644
--- a/capa/features/extractors/binja/basicblock.py
+++ b/capa/features/extractors/binja/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/extractor.py b/capa/features/extractors/binja/extractor.py
index 792db3d2..167a8e6e 100644
--- a/capa/features/extractors/binja/extractor.py
+++ b/capa/features/extractors/binja/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/file.py b/capa/features/extractors/binja/file.py
index c36b5b48..d46451e7 100644
--- a/capa/features/extractors/binja/file.py
+++ b/capa/features/extractors/binja/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/find_binja_api.py b/capa/features/extractors/binja/find_binja_api.py
index 5433ff47..e97dfc0d 100644
--- a/capa/features/extractors/binja/find_binja_api.py
+++ b/capa/features/extractors/binja/find_binja_api.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/function.py b/capa/features/extractors/binja/function.py
index 2bf735db..a502a5f4 100644
--- a/capa/features/extractors/binja/function.py
+++ b/capa/features/extractors/binja/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/global_.py b/capa/features/extractors/binja/global_.py
index afcec4ad..7430d740 100644
--- a/capa/features/extractors/binja/global_.py
+++ b/capa/features/extractors/binja/global_.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import logging from typing import Tuple, Iterator diff --git a/capa/features/extractors/binja/helpers.py b/capa/features/extractors/binja/helpers.py index 4baae3f9..a96f64da 100644 --- a/capa/features/extractors/binja/helpers.py +++ b/capa/features/extractors/binja/helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/binja/insn.py b/capa/features/extractors/binja/insn.py index ebcf35bf..3144fd15 100644 --- a/capa/features/extractors/binja/insn.py +++ b/capa/features/extractors/binja/insn.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/common.py b/capa/features/extractors/common.py index 6beaa72d..2d4f0266 100644 --- a/capa/features/extractors/common.py +++ b/capa/features/extractors/common.py 
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import io
 import logging
 import binascii
diff --git a/capa/features/extractors/dnfile/extractor.py b/capa/features/extractors/dnfile/extractor.py
index ba76270b..98a1dd0b 100644
--- a/capa/features/extractors/dnfile/extractor.py
+++ b/capa/features/extractors/dnfile/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/file.py b/capa/features/extractors/dnfile/file.py
index 600ec17d..8ab2cc38 100644
--- a/capa/features/extractors/dnfile/file.py
+++ b/capa/features/extractors/dnfile/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/function.py b/capa/features/extractors/dnfile/function.py
index 5ddde9a8..32069ed3 100644
--- a/capa/features/extractors/dnfile/function.py
+++ b/capa/features/extractors/dnfile/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/helpers.py b/capa/features/extractors/dnfile/helpers.py
index 14db7bbb..def6cd04 100644
--- a/capa/features/extractors/dnfile/helpers.py
+++ b/capa/features/extractors/dnfile/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/insn.py b/capa/features/extractors/dnfile/insn.py
index b70f39dc..bdaf7a3a 100644
--- a/capa/features/extractors/dnfile/insn.py
+++ b/capa/features/extractors/dnfile/insn.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/types.py b/capa/features/extractors/dnfile/types.py
index 7b5da2bc..6c6d5992 100644
--- a/capa/features/extractors/dnfile/types.py
+++ b/capa/features/extractors/dnfile/types.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile_.py b/capa/features/extractors/dnfile_.py
index 58ae1539..180d1308 100644
--- a/capa/features/extractors/dnfile_.py
+++ b/capa/features/extractors/dnfile_.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 from typing import Tuple, Iterator
 from pathlib import Path
diff --git a/capa/features/extractors/dotnetfile.py b/capa/features/extractors/dotnetfile.py
index 75f34fa2..76672e51 100644
--- a/capa/features/extractors/dotnetfile.py
+++ b/capa/features/extractors/dotnetfile.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 from typing import Tuple, Iterator
 from pathlib import Path
diff --git a/capa/features/extractors/elf.py b/capa/features/extractors/elf.py
index c9a3db79..c3305444 100644
--- a/capa/features/extractors/elf.py
+++ b/capa/features/extractors/elf.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/elffile.py b/capa/features/extractors/elffile.py
index edf74dc2..da64a412 100644
--- a/capa/features/extractors/elffile.py
+++ b/capa/features/extractors/elffile.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/helpers.py b/capa/features/extractors/helpers.py
index d27b85b1..66399b12 100644
--- a/capa/features/extractors/helpers.py
+++ b/capa/features/extractors/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/basicblock.py b/capa/features/extractors/ida/basicblock.py
index 88a1247e..81790132 100644
--- a/capa/features/extractors/ida/basicblock.py
+++ b/capa/features/extractors/ida/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/extractor.py b/capa/features/extractors/ida/extractor.py
index 0d44ba9e..bf5d1682 100644
--- a/capa/features/extractors/ida/extractor.py
+++ b/capa/features/extractors/ida/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/file.py b/capa/features/extractors/ida/file.py
index e75d59e1..051ecafd 100644
--- a/capa/features/extractors/ida/file.py
+++ b/capa/features/extractors/ida/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/function.py b/capa/features/extractors/ida/function.py
index cb4d6329..54a72a6b 100644
--- a/capa/features/extractors/ida/function.py
+++ b/capa/features/extractors/ida/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/global_.py b/capa/features/extractors/ida/global_.py
index 3cca914e..17f37bc4 100644
--- a/capa/features/extractors/ida/global_.py
+++ b/capa/features/extractors/ida/global_.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 import contextlib
 from typing import Tuple, Iterator
diff --git a/capa/features/extractors/ida/helpers.py b/capa/features/extractors/ida/helpers.py
index e2553e82..ad57371c 100644
--- a/capa/features/extractors/ida/helpers.py
+++ b/capa/features/extractors/ida/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/insn.py b/capa/features/extractors/ida/insn.py
index e031b7a5..cb6c89ac 100644
--- a/capa/features/extractors/ida/insn.py
+++ b/capa/features/extractors/ida/insn.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/loops.py b/capa/features/extractors/loops.py
index 96ddb2d9..26202011 100644
--- a/capa/features/extractors/loops.py
+++ b/capa/features/extractors/loops.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/null.py b/capa/features/extractors/null.py
index 892eadc8..c7206ced 100644
--- a/capa/features/extractors/null.py
+++ b/capa/features/extractors/null.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. from typing import Dict, List, Tuple from dataclasses import dataclass diff --git a/capa/features/extractors/pefile.py b/capa/features/extractors/pefile.py index 078e6ff0..a820e7b8 100644 --- a/capa/features/extractors/pefile.py +++ b/capa/features/extractors/pefile.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/strings.py b/capa/features/extractors/strings.py index 3596e49d..5f563b1c 100644 --- a/capa/features/extractors/strings.py +++ b/capa/features/extractors/strings.py @@ -1,6 +1,6 @@ # strings code from FLOSS, https://github.com/mandiant/flare-floss # -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/basicblock.py b/capa/features/extractors/viv/basicblock.py index ef13a925..46bdb2b0 100644 --- a/capa/features/extractors/viv/basicblock.py 
+++ b/capa/features/extractors/viv/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/extractor.py b/capa/features/extractors/viv/extractor.py
index 588ff88c..faddb05d 100644
--- a/capa/features/extractors/viv/extractor.py
+++ b/capa/features/extractors/viv/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/file.py b/capa/features/extractors/viv/file.py
index 0deee2c7..cc078016 100644
--- a/capa/features/extractors/viv/file.py
+++ b/capa/features/extractors/viv/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/function.py b/capa/features/extractors/viv/function.py
index 153065f9..112f4fa1 100644
--- a/capa/features/extractors/viv/function.py
+++ b/capa/features/extractors/viv/function.py
@@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/global_.py b/capa/features/extractors/viv/global_.py index cea50da2..1b204237 100644 --- a/capa/features/extractors/viv/global_.py +++ b/capa/features/extractors/viv/global_.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import logging from typing import Tuple, Iterator diff --git a/capa/features/extractors/viv/helpers.py b/capa/features/extractors/viv/helpers.py index a7554ac1..662704af 100644 --- a/capa/features/extractors/viv/helpers.py +++ b/capa/features/extractors/viv/helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/indirect_calls.py b/capa/features/extractors/viv/indirect_calls.py index d39f08c9..71c63172 100644 --- a/capa/features/extractors/viv/indirect_calls.py 
+++ b/capa/features/extractors/viv/indirect_calls.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/insn.py b/capa/features/extractors/viv/insn.py index 1e4633d7..fb117dfa 100644 --- a/capa/features/extractors/viv/insn.py +++ b/capa/features/extractors/viv/insn.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/file.py b/capa/features/file.py index 735464c6..46a6b65f 100644 --- a/capa/features/file.py +++ b/capa/features/file.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/freeze/__init__.py b/capa/features/freeze/__init__.py index ea935139..9584990f 100644 --- a/capa/features/freeze/__init__.py +++ b/capa/features/freeze/__init__.py @@ -1,7 +1,7 @@ """ capa freeze file format: `| capa0000 | + zlib(utf-8(json(...)))` -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt 
diff --git a/capa/features/freeze/features.py b/capa/features/freeze/features.py index 39f9b0d8..ba651672 100644 --- a/capa/features/freeze/features.py +++ b/capa/features/freeze/features.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import binascii from typing import Union, Optional diff --git a/capa/features/insn.py b/capa/features/insn.py index f4be23c8..062882db 100644 --- a/capa/features/insn.py +++ b/capa/features/insn.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/helpers.py b/capa/helpers.py index b8100819..92f26c3d 100644 --- a/capa/helpers.py +++ b/capa/helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/helpers.py b/capa/ida/helpers.py index 4f3d2a0b..89e12c60 100644 --- a/capa/ida/helpers.py +++ b/capa/ida/helpers.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/__init__.py b/capa/ida/plugin/__init__.py
index a24e7d38..789a1e1c 100644
--- a/capa/ida/plugin/__init__.py
+++ b/capa/ida/plugin/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/cache.py b/capa/ida/plugin/cache.py
index 7a665033..42910ee5 100644
--- a/capa/ida/plugin/cache.py
+++ b/capa/ida/plugin/cache.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/capa_explorer.py b/capa/ida/plugin/capa_explorer.py
index 5514aec2..a34bd08d 100644
--- a/capa/ida/plugin/capa_explorer.py
+++ b/capa/ida/plugin/capa_explorer.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/error.py b/capa/ida/plugin/error.py
index 87bb0c19..28139e90 100644
--- a/capa/ida/plugin/error.py
+++ b/capa/ida/plugin/error.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/extractor.py b/capa/ida/plugin/extractor.py
index 58bbc4ba..9745c055 100644
--- a/capa/ida/plugin/extractor.py
+++ b/capa/ida/plugin/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/form.py b/capa/ida/plugin/form.py
index 7e381dde..19628e2a 100644
--- a/capa/ida/plugin/form.py
+++ b/capa/ida/plugin/form.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/hooks.py b/capa/ida/plugin/hooks.py
index 2f978e74..fdbbe8e4 100644
--- a/capa/ida/plugin/hooks.py
+++ b/capa/ida/plugin/hooks.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/icon.py b/capa/ida/plugin/icon.py
index 76a6dfb2..76b42cd2 100644
--- a/capa/ida/plugin/icon.py
+++ b/capa/ida/plugin/icon.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import base64 # this is just `capa/.github/icon.png`. diff --git a/capa/ida/plugin/item.py b/capa/ida/plugin/item.py index b2be1c14..17259f61 100644 --- a/capa/ida/plugin/item.py +++ b/capa/ida/plugin/item.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/plugin/model.py b/capa/ida/plugin/model.py index 1d2b1132..47a6e7f7 100644 --- a/capa/ida/plugin/model.py +++ b/capa/ida/plugin/model.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/plugin/proxy.py b/capa/ida/plugin/proxy.py index e67147bd..0c8b8d2c 100644 --- a/capa/ida/plugin/proxy.py +++ b/capa/ida/plugin/proxy.py 
@@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/plugin/view.py b/capa/ida/plugin/view.py index e93513c2..f041f5bc 100644 --- a/capa/ida/plugin/view.py +++ b/capa/ida/plugin/view.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/main.py b/capa/main.py index a38d68c3..9724f314 100644 --- a/capa/main.py +++ b/capa/main.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 """ -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt @@ -20,7 +20,7 @@ import textwrap import itertools import contextlib import collections -from typing import Any, Dict, List, Tuple, Callable +from typing import Any, Dict, List, Tuple, Callable, Optional from pathlib import Path import halo @@ -266,6 +266,7 @@ def find_capabilities(ruleset: RuleSet, extractor: FeatureExtractor, disable_pro pb = pbar(functions, desc="matching", unit=" functions", postfix="skipped 0 library functions", leave=False) for f in pb: + t0 = time.time() if extractor.is_library_function(f.address): function_name = extractor.get_function_name(f.address) logger.debug("skipping library function 0x%x (%s)", f.address, function_name) 
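Review bot: `t0 = time.time()` at the top of the loop body in `find_capabilities` reads the wall clock, which can jump when the system clock is adjusted, so the duration that the later hunk at `@@ -284,7 +285,18 @@` logs as `t1 - t0` can come out wrong or negative. A monotonic timer is the usual choice for elapsed time: `t0 = time.perf_counter()` here and `t1 = time.perf_counter()` in the later hunk. The import hunk for this file does not show `time` being added, so presumably it is already imported; worth confirming. The loop body continues outside this hunk.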
@@ -284,7 +285,18 @@ def find_capabilities(ruleset: RuleSet, extractor: FeatureExtractor, disable_pro feature_counts.functions += ( rdoc.FunctionFeatureCount(address=frz.Address.from_capa(f.address), count=feature_count), ) - logger.debug("analyzed function 0x%x and extracted %d features", f.address, feature_count) + t1 = time.time() + + match_count = sum(len(res) for res in function_matches.values()) + match_count += sum(len(res) for res in bb_matches.values()) + match_count += sum(len(res) for res in insn_matches.values()) + logger.debug( + "analyzed function 0x%x and extracted %d features, %d matches in %0.02fs", + f.address, + feature_count, + match_count, + t1 - t0, + ) for rule_name, res in function_matches.items(): all_function_matches[rule_name].extend(res) @@ -1060,7 +1072,7 @@ def handle_common_args(args): args.signatures = sigs_path -def main(argv=None): +def main(argv: Optional[List[str]] = None): if sys.version_info < (3, 8): raise UnsupportedRuntimeError("This version of capa can only be used with Python 3.8+") @@ -1238,7 +1250,7 @@ def main(argv=None): args.backend, sig_paths, should_save_workspace, - disable_progress=args.quiet, + disable_progress=args.quiet or args.debug, ) except UnsupportedFormatError: log_unsupported_format_error() diff --git a/capa/optimizer.py b/capa/optimizer.py index 1c8e529a..0ebee844 100644 --- a/capa/optimizer.py +++ b/capa/optimizer.py 
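Review bot: The three `sum(...)` passes that build `match_count` run for every function even when debug logging is off, because they sit outside the `logger.debug(...)` call; only the string formatting is deferred by the `%`-style arguments. Wrapping the `match_count` lines and the log call in `if logger.isEnabledFor(logging.DEBUG):` keeps non-debug runs free of the extra work (this assumes `logging` is imported in the module, which the hunk does not show). The enclosing `find_capabilities` starts and ends outside this hunk.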
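Review bot: The new signature in the `@@ -1060,7 +1072,7 @@` hunk annotates `argv` but leaves the return type out, so callers and type checkers still see an untyped result. The binja test on this page compares the result with `0`, which suggests an exit code, so `def main(argv: Optional[List[str]] = None) -> int:` would complete the annotation if every path returns an integer. The body of `main` runs well past this hunk, so that needs checking against the full function.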
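Review bot: `disable_progress=args.quiet or args.debug` in the `@@ -1238,7 +1250,7 @@` hunk ties the progress display to the debug flag without saying why, and the reason is not obvious at the call site. A one-line comment above the argument would record it, for example `# debug log lines interleave with the progress bar, so hide the bar when debug output is on` (presumed motivation; adjust if the reason differs). The call this argument belongs to starts outside the hunk.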
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import logging import capa.engine as ceng diff --git a/capa/perf.py b/capa/perf.py index 54575e99..7358c5f9 100644 --- a/capa/perf.py +++ b/capa/perf.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import typing import collections diff --git a/capa/render/default.py b/capa/render/default.py index 556c82a4..79567e4b 100644 --- a/capa/render/default.py +++ b/capa/render/default.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/json.py b/capa/render/json.py index 8fb21fb5..d015641d 100644 --- a/capa/render/json.py 
+++ b/capa/render/json.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/result_document.py b/capa/render/result_document.py index 00c3eb9b..0919207c 100644 --- a/capa/render/result_document.py +++ b/capa/render/result_document.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/utils.py b/capa/render/utils.py index d9cb9308..fb393234 100644 --- a/capa/render/utils.py +++ b/capa/render/utils.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/verbose.py b/capa/render/verbose.py index 227c5fc7..c3ec2442 100644 --- a/capa/render/verbose.py +++ b/capa/render/verbose.py @@ -14,7 +14,7 @@ example:: 0x10003415 0x10003797 -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/vverbose.py b/capa/render/vverbose.py index cadad7c7..59189833 100644 --- a/capa/render/vverbose.py 
+++ b/capa/render/vverbose.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/rules/__init__.py b/capa/rules/__init__.py
index a9fd4f1f..066c3a11 100644
--- a/capa/rules/__init__.py
+++ b/capa/rules/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/rules/cache.py b/capa/rules/cache.py
index 1269712b..5cc1d1d4 100644
--- a/capa/rules/cache.py
+++ b/capa/rules/cache.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import os
 import sys
 import zlib
diff --git a/capa/version.py b/capa/version.py
index 2c270402..5ce717b2 100644
--- a/capa/version.py
+++ b/capa/version.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. __version__ = "5.1.0" diff --git a/pyproject.toml b/pyproject.toml index 183a04b6..1e73090f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -75,7 +75,9 @@ dev = [ "flake8-print==5.0.0", "flake8-todos==0.3.0", "flake8-simplify==0.20.0", - "ruff==0.0.277", + "flake8-use-pathlib==0.3.0", + "flake8-copyright==0.2.4", + "ruff==0.0.278", "black==23.7.0", "isort==5.11.4", "mypy==1.4.1", diff --git a/rules b/rules index e51b74e0..85a980a6 160000 --- a/rules +++ b/rules @@ -1 +1 @@ -Subproject commit e51b74e012d1e8541e8dc6933022628d6925c1b9 +Subproject commit 85a980a6cc8557af10bc1220eac9251ce3334ab5 diff --git a/scripts/bulk-process.py b/scripts/bulk-process.py index dc75ac76..fb6ecdd3 100644 --- a/scripts/bulk-process.py +++ b/scripts/bulk-process.py @@ -1,4 +1,11 @@ #!/usr/bin/env python +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ bulk-process 
@@ -47,7 +54,7 @@ usage: parallelism factor --no-mp disable subprocesses -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/capa2yara.py b/scripts/capa2yara.py index 7f84f7b6..4f0a8b90 100644 --- a/scripts/capa2yara.py +++ b/scripts/capa2yara.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Convert capa rules to YARA rules (where this is possible) diff --git a/scripts/capa_as_library.py b/scripts/capa_as_library.py index ecc20de1..06613dcb 100644 --- a/scripts/capa_as_library.py +++ b/scripts/capa_as_library.py @@ -1,4 +1,11 @@ #!/usr/bin/env python3 +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import json import collections 
diff --git a/scripts/capafmt.py b/scripts/capafmt.py index f99071d4..fa829800 100644 --- a/scripts/capafmt.py +++ b/scripts/capafmt.py @@ -6,7 +6,7 @@ Usage: $ python capafmt.py -i foo.yml -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/detect-elf-os.py b/scripts/detect-elf-os.py index 6a917314..5adf85de 100644 --- a/scripts/detect-elf-os.py +++ b/scripts/detect-elf-os.py @@ -1,6 +1,6 @@ #!/usr/bin/env python2 """ -Copyright (C) 2021 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/detect_duplicate_features.py b/scripts/detect_duplicate_features.py index bfbd9baf..dd9b9838 100644 --- a/scripts/detect_duplicate_features.py +++ b/scripts/detect_duplicate_features.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import sys import logging import argparse diff --git a/scripts/import-to-bn.py b/scripts/import-to-bn.py index 54f63d76..74293f74 100644 --- a/scripts/import-to-bn.py 
+++ b/scripts/import-to-bn.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Binary Ninja plugin that imports a capa report, produced via `capa --json /path/to/sample`, diff --git a/scripts/import-to-ida.py b/scripts/import-to-ida.py index 42c56445..121d8158 100644 --- a/scripts/import-to-ida.py +++ b/scripts/import-to-ida.py @@ -20,7 +20,7 @@ and then select the existing capa report from the file system. This script will verify that the report matches the workspace. Check the output window for any errors, and/or the summary of changes. -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/lint.py b/scripts/lint.py index ce1d3e3f..847f574a 100644 --- a/scripts/lint.py +++ b/scripts/lint.py @@ -5,7 +5,7 @@ Usage: $ python scripts/lint.py rules/ -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/match-function-id.py b/scripts/match-function-id.py index 0daa88bb..7fe51e23 100644 
--- a/scripts/match-function-id.py +++ b/scripts/match-function-id.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 """ -Copyright (C) 2021 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/profile-memory.py b/scripts/profile-memory.py index e3e98f56..b958eac0 100644 --- a/scripts/profile-memory.py +++ b/scripts/profile-memory.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import gc import linecache import tracemalloc diff --git a/scripts/profile-time.py b/scripts/profile-time.py index c6197b35..b6c48683 100644 --- a/scripts/profile-time.py +++ b/scripts/profile-time.py 
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Invoke capa multiple times and record profiling informations. Use the --number and --repeat options to change the number of iterations. diff --git a/scripts/setup-linter-dependencies.py b/scripts/setup-linter-dependencies.py index 7aad2ab1..bc7f9bf0 100644 --- a/scripts/setup-linter-dependencies.py +++ b/scripts/setup-linter-dependencies.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Generate capa linter-data.json, used to validate Att&ck/MBC IDs and names. diff --git a/scripts/show-capabilities-by-function.py b/scripts/show-capabilities-by-function.py index df2c79d3..78700088 100644 --- a/scripts/show-capabilities-by-function.py +++ b/scripts/show-capabilities-by-function.py 
@@ -1,4 +1,11 @@ #!/usr/bin/env python2 +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ show-capabilities-by-function @@ -40,7 +47,7 @@ Example:: - connect TCP socket ... -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/show-features.py b/scripts/show-features.py index e062b35d..25f1662b 100644 --- a/scripts/show-features.py +++ b/scripts/show-features.py @@ -1,6 +1,6 @@ #!/usr/bin/env python2 """ -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 00000000..efe603a7 --- /dev/null +++ b/tests/conftest.py 
@@ -0,0 +1,20 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
+
+# import all the symbols from our fixtures
+# and make available to test cases, implicitly.
+# this is thanks to pytest magic.
+#
+# see the following for a discussion:
+# https://www.revsys.com/tidbits/pytest-fixtures-are-magic/
+# https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic
+from fixtures import * # noqa: F403 [unable to detect undefined names]
+from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused]
diff --git a/tests/data b/tests/data
index a0cfe3ac..bfcf387b 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit a0cfe3aca94b86b6ee15d713c75f3c882231716a
+Subproject commit bfcf387b5b55e65ef02ceb0cc5191ebe49ad5614
diff --git a/tests/fixtures.py b/tests/fixtures.py
index 9e36dd14..2eaf86ae 100644
--- a/tests/fixtures.py
+++ b/tests/fixtures.py
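Review bot: The four explicit `from fixtures import _..._dotnetfile_extractor` lines in the new tests/conftest.py have no comment saying why they are needed next to `from fixtures import *`. A wildcard import skips names that start with an underscore unless the module lists them in `__all__` (whether fixtures.py defines `__all__` is not visible here), so without these lines pytest would presumably not find those fixtures. I would add a comment above them, such as `# import * skips underscore-prefixed names, so these fixtures are imported explicitly`, so that the next underscore-prefixed fixture added to fixtures.py is not missed. The wildcard also copies every helper and imported module from fixtures.py into conftest's namespace, which an `__all__` in fixtures.py would limit to the intended fixtures.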
@@ -1,5 +1,4 @@ -# -*- coding: utf-8 -*- -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_binja_features.py b/tests/test_binja_features.py index 5819e0dc..b2256f80 100644 --- a/tests/test_binja_features.py +++ b/tests/test_binja_features.py @@ -1,17 +1,15 @@ -# Copyright (C) 2020 FireEye, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -import os import logging from pathlib import Path import pytest import fixtures -from fixtures import scope, sample import capa.main @@ -59,7 +57,7 @@ def test_binja_feature_counts(sample, scope, feature, expected): def test_standalone_binja_backend(): CD = Path(__file__).resolve().parent test_path = CD / ".." / "tests" / "data" / "Practical Malware Analysis Lab 01-01.exe_" - assert capa.main.main([test_path, "-b", capa.main.BACKEND_BINJA]) == 0 + assert capa.main.main([str(test_path), "-b", capa.main.BACKEND_BINJA]) == 0 @pytest.mark.skipif(binja_present is False, reason="Skip binja tests if the binaryninja Python API is not installed") diff --git a/tests/test_dnfile_features.py b/tests/test_dnfile_features.py index 5ffa2ead..d5448766 100644 --- a/tests/test_dnfile_features.py 
+++ b/tests/test_dnfile_features.py @@ -1,13 +1,11 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import fixtures -from fixtures import scope, sample @fixtures.parametrize( diff --git a/tests/test_dotnet_features.py b/tests/test_dotnet_features.py index af633386..51ce66b0 100644 --- a/tests/test_dotnet_features.py +++ b/tests/test_dotnet_features.py @@ -1,13 +1,11 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import fixtures -from fixtures import scope, sample, b9f5b_dotnetfile_extractor, mixed_mode_64_dotnetfile_extractor @fixtures.parametrize( diff --git a/tests/test_dotnetfile_features.py b/tests/test_dotnetfile_features.py index 3b4858a1..c1dfcf46 100644 --- a/tests/test_dotnetfile_features.py +++ b/tests/test_dotnetfile_features.py 
@@ -1,27 +1,19 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import pytest import fixtures -from fixtures import ( - FEATURE_PRESENCE_TESTS_DOTNET, - scope, - sample, - b9f5b_dotnetfile_extractor, - mixed_mode_64_dotnetfile_extractor, -) import capa.features.file @fixtures.parametrize( "sample,scope,feature,expected", - FEATURE_PRESENCE_TESTS_DOTNET, + fixtures.FEATURE_PRESENCE_TESTS_DOTNET, indirect=["sample", "scope"], ) def test_dotnetfile_features(sample, scope, feature, expected): diff --git a/tests/test_engine.py b/tests/test_engine.py index 785896a3..f8c626db 100644 --- a/tests/test_engine.py +++ b/tests/test_engine.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_fmt.py b/tests/test_fmt.py index 96101dfb..6bb0f087 100644 --- a/tests/test_fmt.py +++ b/tests/test_fmt.py 
@@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_freeze.py b/tests/test_freeze.py index a3930391..cbc60b48 100644 --- a/tests/test_freeze.py +++ b/tests/test_freeze.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt @@ -10,7 +10,6 @@ from typing import List from pathlib import Path import pytest -from fixtures import z9324d_extractor import capa.main import capa.rules diff --git a/tests/test_function_id.py b/tests/test_function_id.py index 65af1ae0..bc177347 100644 --- a/tests/test_function_id.py +++ b/tests/test_function_id.py @@ -1,4 +1,11 @@ -from fixtures import get_function, pma16_01_extractor, extract_function_features +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. +import fixtures import capa.features.insn 
@@ -22,6 +29,6 @@ def test_function_id_complex_match(pma16_01_extractor): def test_function_id_api_feature(pma16_01_extractor): - f = get_function(pma16_01_extractor, 0x404548) - features = extract_function_features(pma16_01_extractor, f) + f = fixtures.get_function(pma16_01_extractor, 0x404548) + features = fixtures.extract_function_features(pma16_01_extractor, f) assert capa.features.insn.API("__aulldiv") in features diff --git a/tests/test_helpers.py b/tests/test_helpers.py index 90b689b3..f956be5c 100644 --- a/tests/test_helpers.py +++ b/tests/test_helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_ida_features.py b/tests/test_ida_features.py index 3eb3b053..239f045e 100644 --- a/tests/test_ida_features.py +++ b/tests/test_ida_features.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ run this script from within IDA to test the IDA feature extractor. you must have loaded a file referenced by a test case in order diff --git a/tests/test_main.py b/tests/test_main.py index 45554760..278bc729 100644 --- a/tests/test_main.py +++ b/tests/test_main.py 
@@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt @@ -10,16 +10,6 @@ import json import textwrap import fixtures -from fixtures import ( - z499c2_extractor, - z9324d_extractor, - pma16_01_extractor, - pingtaest_extractor, - _692f_dotnetfile_extractor, - _1c444_dotnetfile_extractor, - _039a6_dotnetfile_extractor, - _0953c_dotnetfile_extractor, -) import capa.main import capa.rules diff --git a/tests/test_match.py b/tests/test_match.py index 99301cce..2c9928db 100644 --- a/tests/test_match.py +++ b/tests/test_match.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_optimizer.py b/tests/test_optimizer.py index 40c008fa..20c098de 100644 --- a/tests/test_optimizer.py +++ b/tests/test_optimizer.py @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_os_detection.py b/tests/test_os_detection.py index 9f835177..d5806d45 100644 --- a/tests/test_os_detection.py +++ b/tests/test_os_detection.py 
@@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright (C) 2022 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_pefile_features.py b/tests/test_pefile_features.py index c9013d50..cb19b468 100644 --- a/tests/test_pefile_features.py +++ b/tests/test_pefile_features.py @@ -1,15 +1,12 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -from pathlib import PosixPath - import pytest import fixtures -from fixtures import scope, sample import capa.features.file diff --git a/tests/test_proto.py b/tests/test_proto.py index 8a76ccfc..6f0137fe 100644 --- a/tests/test_proto.py +++ b/tests/test_proto.py @@ -9,7 +9,6 @@ import copy from typing import Any import pytest -from fixtures import a3f3bbc_rd, a076114_rd, pma0101_rd, al_khaserx64_rd, al_khaserx86_rd, dotnet_1c444e_rd import capa.rules import capa.render diff --git a/tests/test_render.py b/tests/test_render.py index 9277b9f2..8f89bc5d 100644 --- a/tests/test_render.py +++ b/tests/test_render.py 
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import textwrap import fixtures diff --git a/tests/test_result_document.py b/tests/test_result_document.py index 161628ff..27a1dbb2 100644 --- a/tests/test_result_document.py +++ b/tests/test_result_document.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt @@ -9,7 +9,6 @@ import copy import pytest import fixtures -from fixtures import a3f3bbc_rd, a076114_rd, pma0101_rd, al_khaserx64_rd, al_khaserx86_rd, dotnet_1c444e_rd import capa import capa.engine as ceng diff --git a/tests/test_rules.py b/tests/test_rules.py index afd9c012..024a40d3 100644 --- a/tests/test_rules.py +++ b/tests/test_rules.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_rules_insn_scope.py b/tests/test_rules_insn_scope.py index 481b3cd9..c6dd3fd7 100644 --- a/tests/test_rules_insn_scope.py 
+++ b/tests/test_rules_insn_scope.py @@ -1,4 +1,4 @@ -# Copyright (C) 2022 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_scripts.py b/tests/test_scripts.py index e8971f0e..4baa96a9 100644 --- a/tests/test_scripts.py +++ b/tests/test_scripts.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_viv_features.py b/tests/test_viv_features.py index 1e07ca74..b63f0dc6 100644 --- a/tests/test_viv_features.py +++ b/tests/test_viv_features.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt @@ -6,7 +6,6 @@ # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. import fixtures -from fixtures import scope, sample @fixtures.parametrize(