From a32f2cc0f8e9dd6c43c6c94733213520934e2336 Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 04:19:09 +0200
Subject: [PATCH 01/28] tests: fix type error
---
 tests/test_binja_features.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/test_binja_features.py b/tests/test_binja_features.py
index 5819e0dc..c96b8c0c 100644
--- a/tests/test_binja_features.py
+++ b/tests/test_binja_features.py
@@ -59,7 +59,7 @@ def test_binja_feature_counts(sample, scope, feature, expected):
 def test_standalone_binja_backend():
 CD = Path(__file__).resolve().parent
 test_path = CD / ".." / "tests" / "data" / "Practical Malware Analysis Lab 01-01.exe_"
- assert capa.main.main([test_path, "-b", capa.main.BACKEND_BINJA]) == 0
+ assert capa.main.main([str(test_path), "-b", capa.main.BACKEND_BINJA]) == 0
 @pytest.mark.skipif(binja_present is False, reason="Skip binja tests if the binaryninja Python API is not installed")
From acaf6c1272c85b866dd5bb79bd221265e59c6854 Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 04:25:01 +0200
Subject: [PATCH 02/28] main: add type hints for main
---
 capa/main.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/capa/main.py b/capa/main.py
index 81b3c2d0..6138698a 100644
--- a/capa/main.py
+++ b/capa/main.py
@@ -20,7 +20,7 @@ import textwrap
 import itertools
 import contextlib
 import collections
-from typing import Any, Dict, List, Tuple, Callable
+from typing import Any, Dict, List, Tuple, Callable, Optional
 from pathlib import Path
 import halo
@@ -1060,7 +1060,7 @@ def handle_common_args(args):
 args.signatures = sigs_path
-def main(argv=None):
+def main(argv: Optional[List[str]] = None):
 if sys.version_info < (3, 8):
 raise UnsupportedRuntimeError("This version of capa can only be used with Python 3.8+")
From 7550cc846682adad1d866381aee102f2176022ab Mon Sep 17 00:00:00 2001
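Review bot: The new annotation on `main` in capa/main.py (patch 02, second hunk) covers only the parameter, so the return type stays implicit even though callers treat the result as an exit status; the test touched in patch 01 asserts `capa.main.main([...]) == 0`. Declaring it, `def main(argv: Optional[List[str]] = None) -> int:`, lets the type checker flag any path that falls through without returning a status. The body of `main` continues outside this hunk, so whether every path already returns an int cannot be confirmed from here.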
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 04:31:20 +0200
Subject: [PATCH 03/28] introduce flake8-use-pathlib
---
 pyproject.toml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/pyproject.toml b/pyproject.toml
index 183a04b6..a95e2724 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -75,6 +75,7 @@ dev = [
 "flake8-print==5.0.0",
 "flake8-todos==0.3.0",
 "flake8-simplify==0.20.0",
+ "flake8-use-pathlib==0.3.0",
 "ruff==0.0.277",
 "black==23.7.0",
 "isort==5.11.4",
From e987fc2034c1aa3e6cfc7d750b55ad3871b9f71e Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 04:57:36 +0200
Subject: [PATCH 04/28] flake8: initial copyright config
---
 .github/flake8.ini | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/flake8.ini b/.github/flake8.ini
index 5e0eb3fe..4e141a48 100644
--- a/.github/flake8.ini
+++ b/.github/flake8.ini
@@ -24,7 +24,6 @@ extend-ignore =
 # makes lines too long
 SIM117
-
 per-file-ignores =
 # T201 print found.
 #
@@ -35,4 +34,7 @@ per-file-ignores =
 # IDA tests emit results to output window so need to print
 tests/test_ida_features.py: T201
 # utility used to find the Binary Ninja API via invoking python.exe
- capa/features/extractors/binja/find_binja_api.py: T201
\ No newline at end of file
+ capa/features/extractors/binja/find_binja_api.py: T201
+
+copyright-check = True
+copyright-regexp = "Copyright"
\ No newline at end of file
From c86ab51210dc96fe3f61d3205044b0981c38460e Mon Sep 17 00:00:00 2001
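Review bot: The added `copyright-regexp = "Copyright"` at the end of .github/flake8.ini (patch 04, second hunk) is looser than the header it is meant to enforce, and the quoting may defeat it altogether. INI values are normally passed through verbatim, so the double quotes are likely to become part of the pattern (worth confirming against the plugin); without them, the bare word would accept any file that merely mentions "Copyright" in the region the plugin scans. Tying the pattern to the header this series standardises on, e.g. `copyright-regexp = Copyright \(C\) \d{4} Mandiant, Inc\. All Rights Reserved\.`, makes the lint verify the actual notice. The new side also still ends without a trailing newline, and no hunk visible here adds the plugin that provides these options to the dev dependencies.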
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 05:03:33 +0200
Subject: [PATCH 05/28] fix copyright headers everywhere
---
 LICENSE.txt | 2 +-
 capa/engine.py | 2 +-
 capa/exceptions.py | 7 +++++++
 capa/features/address.py | 7 +++++++
 capa/features/basicblock.py | 2 +-
 capa/features/common.py | 2 +-
 capa/features/extractors/base_extractor.py | 2 +-
 capa/features/extractors/binja/basicblock.py | 2 +-
 capa/features/extractors/binja/extractor.py | 2 +-
 capa/features/extractors/binja/file.py | 2 +-
 capa/features/extractors/binja/find_binja_api.py | 2 +-
 capa/features/extractors/binja/function.py | 2 +-
 capa/features/extractors/binja/global_.py | 7 +++++++
 capa/features/extractors/binja/helpers.py | 2 +-
 capa/features/extractors/binja/insn.py | 2 +-
 capa/features/extractors/common.py | 7 +++++++
 capa/features/extractors/dnfile/extractor.py | 2 +-
 capa/features/extractors/dnfile/file.py | 2 +-
 capa/features/extractors/dnfile/function.py | 2 +-
 capa/features/extractors/dnfile/helpers.py | 2 +-
 capa/features/extractors/dnfile/insn.py | 2 +-
 capa/features/extractors/dnfile/types.py | 2 +-
 capa/features/extractors/dnfile_.py | 7 +++++++
 capa/features/extractors/dotnetfile.py | 7 +++++++
 capa/features/extractors/elf.py | 2 +-
 capa/features/extractors/elffile.py | 2 +-
 capa/features/extractors/helpers.py | 2 +-
 capa/features/extractors/ida/basicblock.py | 2 +-
 capa/features/extractors/ida/extractor.py | 2 +-
 capa/features/extractors/ida/file.py | 2 +-
 capa/features/extractors/ida/function.py | 2 +-
 capa/features/extractors/ida/global_.py | 7 +++++++
 capa/features/extractors/ida/helpers.py | 2 +-
 capa/features/extractors/ida/insn.py | 2 +-
 capa/features/extractors/loops.py | 2 +-
 capa/features/extractors/null.py | 7 +++++++
 capa/features/extractors/pefile.py | 2 +-
 capa/features/extractors/strings.py | 2 +-
 capa/features/extractors/viv/basicblock.py | 2 +-
 capa/features/extractors/viv/extractor.py | 2 +-
 capa/features/extractors/viv/file.py | 2 +-
capa/features/extractors/viv/function.py | 2 +-
 capa/features/extractors/viv/global_.py | 7 +++++++
 capa/features/extractors/viv/helpers.py | 2 +-
 capa/features/extractors/viv/indirect_calls.py | 2 +-
 capa/features/extractors/viv/insn.py | 2 +-
 capa/features/file.py | 2 +-
 capa/features/freeze/__init__.py | 2 +-
 capa/features/freeze/features.py | 7 +++++++
 capa/features/insn.py | 2 +-
 capa/helpers.py | 2 +-
 capa/ida/helpers.py | 2 +-
 capa/ida/plugin/__init__.py | 2 +-
 capa/ida/plugin/cache.py | 2 +-
 capa/ida/plugin/capa_explorer.py | 2 +-
 capa/ida/plugin/error.py | 2 +-
 capa/ida/plugin/extractor.py | 2 +-
 capa/ida/plugin/form.py | 2 +-
 capa/ida/plugin/hooks.py | 2 +-
 capa/ida/plugin/icon.py | 7 +++++++
 capa/ida/plugin/item.py | 2 +-
 capa/ida/plugin/model.py | 2 +-
 capa/ida/plugin/proxy.py | 2 +-
 capa/ida/plugin/view.py | 2 +-
 capa/main.py | 2 +-
 capa/optimizer.py | 7 +++++++
 capa/perf.py | 7 +++++++
 capa/render/default.py | 2 +-
 capa/render/json.py | 2 +-
 capa/render/result_document.py | 2 +-
 capa/render/utils.py | 2 +-
 capa/render/verbose.py | 2 +-
 capa/render/vverbose.py | 2 +-
 capa/rules/__init__.py | 2 +-
 capa/rules/cache.py | 7 +++++++
 capa/version.py | 7 +++++++
 scripts/bulk-process.py | 9 ++++++++-
 scripts/capa2yara.py | 7 +++++++
 scripts/capa_as_library.py | 7 +++++++
 scripts/capafmt.py | 2 +-
 scripts/detect-elf-os.py | 2 +-
 scripts/detect_duplicate_features.py | 7 +++++++
 scripts/import-to-bn.py | 7 +++++++
 scripts/import-to-ida.py | 2 +-
 scripts/lint.py | 2 +-
 scripts/match-function-id.py | 2 +-
 scripts/profile-memory.py | 7 +++++++
 scripts/profile-time.py | 7 +++++++
 scripts/setup-linter-dependencies.py | 7 +++++++
 scripts/show-capabilities-by-function.py | 9 ++++++++-
 scripts/show-features.py | 2 +-
 tests/fixtures.py | 3 +--
 tests/test_binja_features.py | 2 +-
 tests/test_dnfile_features.py | 2 +-
 tests/test_dotnet_features.py | 2 +-
 tests/test_dotnetfile_features.py | 2 +-
 tests/test_engine.py | 2 +-
 tests/test_fmt.py | 2 +-
 tests/test_freeze.py | 2 +-
tests/test_function_id.py | 7 +++++++
 tests/test_helpers.py | 2 +-
 tests/test_ida_features.py | 7 +++++++
 tests/test_main.py | 2 +-
 tests/test_match.py | 2 +-
 tests/test_optimizer.py | 2 +-
 tests/test_os_detection.py | 2 +-
 tests/test_pefile_features.py | 2 +-
 tests/test_render.py | 7 +++++++
 tests/test_result_document.py | 2 +-
 tests/test_rules.py | 2 +-
 tests/test_rules_insn_scope.py | 2 +-
 tests/test_scripts.py | 2 +-
 tests/test_viv_features.py | 2 +-
 113 files changed, 277 insertions(+), 89 deletions(-)
diff --git a/LICENSE.txt b/LICENSE.txt
index 6a1de7cf..861a3e4f 100644
--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives.
- Copyright (C) 2020 Mandiant, Inc.
+ Copyright (C) 2023 Mandiant, Inc.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/capa/engine.py b/capa/engine.py
index d498639d..8ae36d3e 100644
--- a/capa/engine.py
+++ b/capa/engine.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/exceptions.py b/capa/exceptions.py
index 8c939997..e080791a 100644
--- a/capa/exceptions.py
+++ b/capa/exceptions.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 class UnsupportedRuntimeError(RuntimeError):
 pass
diff --git a/capa/features/address.py b/capa/features/address.py
index 251b498a..42828495 100644
--- a/capa/features/address.py
+++ b/capa/features/address.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import abc
diff --git a/capa/features/basicblock.py b/capa/features/basicblock.py
index 09f1b26d..5d768ea2 100644
--- a/capa/features/basicblock.py
+++ b/capa/features/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/common.py b/capa/features/common.py
index 5ea1612b..3216c38e 100644
--- a/capa/features/common.py
+++ b/capa/features/common.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/base_extractor.py b/capa/features/extractors/base_extractor.py
index 3be983ed..09776df2 100644
--- a/capa/features/extractors/base_extractor.py
+++ b/capa/features/extractors/base_extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/basicblock.py b/capa/features/extractors/binja/basicblock.py
index eff597b5..30af516d 100644
--- a/capa/features/extractors/binja/basicblock.py
+++ b/capa/features/extractors/binja/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/extractor.py b/capa/features/extractors/binja/extractor.py
index 792db3d2..167a8e6e 100644
--- a/capa/features/extractors/binja/extractor.py
+++ b/capa/features/extractors/binja/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/file.py b/capa/features/extractors/binja/file.py
index c36b5b48..d46451e7 100644
--- a/capa/features/extractors/binja/file.py
+++ b/capa/features/extractors/binja/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/find_binja_api.py b/capa/features/extractors/binja/find_binja_api.py
index 5433ff47..e97dfc0d 100644
--- a/capa/features/extractors/binja/find_binja_api.py
+++ b/capa/features/extractors/binja/find_binja_api.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/function.py b/capa/features/extractors/binja/function.py
index 2bf735db..a502a5f4 100644
--- a/capa/features/extractors/binja/function.py
+++ b/capa/features/extractors/binja/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/global_.py b/capa/features/extractors/binja/global_.py
index afcec4ad..7430d740 100644
--- a/capa/features/extractors/binja/global_.py
+++ b/capa/features/extractors/binja/global_.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 from typing import Tuple, Iterator
diff --git a/capa/features/extractors/binja/helpers.py b/capa/features/extractors/binja/helpers.py
index 4baae3f9..a96f64da 100644
--- a/capa/features/extractors/binja/helpers.py
+++ b/capa/features/extractors/binja/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/binja/insn.py b/capa/features/extractors/binja/insn.py
index ebcf35bf..3144fd15 100644
--- a/capa/features/extractors/binja/insn.py
+++ b/capa/features/extractors/binja/insn.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/common.py b/capa/features/extractors/common.py
index 6beaa72d..2d4f0266 100644
--- a/capa/features/extractors/common.py
+++ b/capa/features/extractors/common.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import io
 import logging
 import binascii
diff --git a/capa/features/extractors/dnfile/extractor.py b/capa/features/extractors/dnfile/extractor.py
index ba76270b..98a1dd0b 100644
--- a/capa/features/extractors/dnfile/extractor.py
+++ b/capa/features/extractors/dnfile/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/file.py b/capa/features/extractors/dnfile/file.py
index 600ec17d..8ab2cc38 100644
--- a/capa/features/extractors/dnfile/file.py
+++ b/capa/features/extractors/dnfile/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/function.py b/capa/features/extractors/dnfile/function.py
index 5ddde9a8..32069ed3 100644
--- a/capa/features/extractors/dnfile/function.py
+++ b/capa/features/extractors/dnfile/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/helpers.py b/capa/features/extractors/dnfile/helpers.py
index 14db7bbb..def6cd04 100644
--- a/capa/features/extractors/dnfile/helpers.py
+++ b/capa/features/extractors/dnfile/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/insn.py b/capa/features/extractors/dnfile/insn.py
index b70f39dc..bdaf7a3a 100644
--- a/capa/features/extractors/dnfile/insn.py
+++ b/capa/features/extractors/dnfile/insn.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile/types.py b/capa/features/extractors/dnfile/types.py
index 7b5da2bc..6c6d5992 100644
--- a/capa/features/extractors/dnfile/types.py
+++ b/capa/features/extractors/dnfile/types.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/dnfile_.py b/capa/features/extractors/dnfile_.py
index 58ae1539..180d1308 100644
--- a/capa/features/extractors/dnfile_.py
+++ b/capa/features/extractors/dnfile_.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 from typing import Tuple, Iterator
 from pathlib import Path
diff --git a/capa/features/extractors/dotnetfile.py b/capa/features/extractors/dotnetfile.py
index 75f34fa2..76672e51 100644
--- a/capa/features/extractors/dotnetfile.py
+++ b/capa/features/extractors/dotnetfile.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 from typing import Tuple, Iterator
 from pathlib import Path
diff --git a/capa/features/extractors/elf.py b/capa/features/extractors/elf.py
index c9a3db79..c3305444 100644
--- a/capa/features/extractors/elf.py
+++ b/capa/features/extractors/elf.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/elffile.py b/capa/features/extractors/elffile.py
index edf74dc2..da64a412 100644
--- a/capa/features/extractors/elffile.py
+++ b/capa/features/extractors/elffile.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/helpers.py b/capa/features/extractors/helpers.py
index d27b85b1..66399b12 100644
--- a/capa/features/extractors/helpers.py
+++ b/capa/features/extractors/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/basicblock.py b/capa/features/extractors/ida/basicblock.py
index 88a1247e..81790132 100644
--- a/capa/features/extractors/ida/basicblock.py
+++ b/capa/features/extractors/ida/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/extractor.py b/capa/features/extractors/ida/extractor.py
index 0d44ba9e..bf5d1682 100644
--- a/capa/features/extractors/ida/extractor.py
+++ b/capa/features/extractors/ida/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/file.py b/capa/features/extractors/ida/file.py
index e75d59e1..051ecafd 100644
--- a/capa/features/extractors/ida/file.py
+++ b/capa/features/extractors/ida/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/function.py b/capa/features/extractors/ida/function.py
index cb4d6329..54a72a6b 100644
--- a/capa/features/extractors/ida/function.py
+++ b/capa/features/extractors/ida/function.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/global_.py b/capa/features/extractors/ida/global_.py
index 3cca914e..17f37bc4 100644
--- a/capa/features/extractors/ida/global_.py
+++ b/capa/features/extractors/ida/global_.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import logging
 import contextlib
 from typing import Tuple, Iterator
diff --git a/capa/features/extractors/ida/helpers.py b/capa/features/extractors/ida/helpers.py
index e2553e82..ad57371c 100644
--- a/capa/features/extractors/ida/helpers.py
+++ b/capa/features/extractors/ida/helpers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/ida/insn.py b/capa/features/extractors/ida/insn.py
index e031b7a5..cb6c89ac 100644
--- a/capa/features/extractors/ida/insn.py
+++ b/capa/features/extractors/ida/insn.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/loops.py b/capa/features/extractors/loops.py
index 96ddb2d9..26202011 100644
--- a/capa/features/extractors/loops.py
+++ b/capa/features/extractors/loops.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/null.py b/capa/features/extractors/null.py
index 892eadc8..c7206ced 100644
--- a/capa/features/extractors/null.py
+++ b/capa/features/extractors/null.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 from typing import Dict, List, Tuple
 from dataclasses import dataclass
diff --git a/capa/features/extractors/pefile.py b/capa/features/extractors/pefile.py
index 078e6ff0..a820e7b8 100644
--- a/capa/features/extractors/pefile.py
+++ b/capa/features/extractors/pefile.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/strings.py b/capa/features/extractors/strings.py
index 3596e49d..5f563b1c 100644
--- a/capa/features/extractors/strings.py
+++ b/capa/features/extractors/strings.py
@@ -1,6 +1,6 @@
 # strings code from FLOSS, https://github.com/mandiant/flare-floss
 #
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/basicblock.py b/capa/features/extractors/viv/basicblock.py
index ef13a925..46bdb2b0 100644
--- a/capa/features/extractors/viv/basicblock.py
+++ b/capa/features/extractors/viv/basicblock.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/extractor.py b/capa/features/extractors/viv/extractor.py
index 588ff88c..faddb05d 100644
--- a/capa/features/extractors/viv/extractor.py
+++ b/capa/features/extractors/viv/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/file.py b/capa/features/extractors/viv/file.py
index 0deee2c7..cc078016 100644
--- a/capa/features/extractors/viv/file.py
+++ b/capa/features/extractors/viv/file.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/features/extractors/viv/function.py b/capa/features/extractors/viv/function.py
index 153065f9..112f4fa1 100644
--- a/capa/features/extractors/viv/function.py
+++ b/capa/features/extractors/viv/function.py
@@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/global_.py b/capa/features/extractors/viv/global_.py index cea50da2..1b204237 100644 --- a/capa/features/extractors/viv/global_.py +++ b/capa/features/extractors/viv/global_.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import logging from typing import Tuple, Iterator diff --git a/capa/features/extractors/viv/helpers.py b/capa/features/extractors/viv/helpers.py index a7554ac1..662704af 100644 --- a/capa/features/extractors/viv/helpers.py +++ b/capa/features/extractors/viv/helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/indirect_calls.py b/capa/features/extractors/viv/indirect_calls.py index d39f08c9..71c63172 100644 --- a/capa/features/extractors/viv/indirect_calls.py 
+++ b/capa/features/extractors/viv/indirect_calls.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/extractors/viv/insn.py b/capa/features/extractors/viv/insn.py index 1e4633d7..fb117dfa 100644 --- a/capa/features/extractors/viv/insn.py +++ b/capa/features/extractors/viv/insn.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/file.py b/capa/features/file.py index 735464c6..46a6b65f 100644 --- a/capa/features/file.py +++ b/capa/features/file.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/features/freeze/__init__.py b/capa/features/freeze/__init__.py index ea935139..9584990f 100644 --- a/capa/features/freeze/__init__.py +++ b/capa/features/freeze/__init__.py @@ -1,7 +1,7 @@ """ capa freeze file format: `| capa0000 | + zlib(utf-8(json(...)))` -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt 
diff --git a/capa/features/freeze/features.py b/capa/features/freeze/features.py index 39f9b0d8..ba651672 100644 --- a/capa/features/freeze/features.py +++ b/capa/features/freeze/features.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import binascii from typing import Union, Optional diff --git a/capa/features/insn.py b/capa/features/insn.py index f4be23c8..062882db 100644 --- a/capa/features/insn.py +++ b/capa/features/insn.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/helpers.py b/capa/helpers.py index b8100819..92f26c3d 100644 --- a/capa/helpers.py +++ b/capa/helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/helpers.py b/capa/ida/helpers.py index 4f3d2a0b..89e12c60 100644 --- a/capa/ida/helpers.py +++ b/capa/ida/helpers.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/__init__.py b/capa/ida/plugin/__init__.py
index a24e7d38..789a1e1c 100644
--- a/capa/ida/plugin/__init__.py
+++ b/capa/ida/plugin/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/cache.py b/capa/ida/plugin/cache.py
index 7a665033..42910ee5 100644
--- a/capa/ida/plugin/cache.py
+++ b/capa/ida/plugin/cache.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/capa_explorer.py b/capa/ida/plugin/capa_explorer.py
index 5514aec2..a34bd08d 100644
--- a/capa/ida/plugin/capa_explorer.py
+++ b/capa/ida/plugin/capa_explorer.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/error.py b/capa/ida/plugin/error.py
index 87bb0c19..28139e90 100644
--- a/capa/ida/plugin/error.py
+++ b/capa/ida/plugin/error.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/extractor.py b/capa/ida/plugin/extractor.py
index 58bbc4ba..9745c055 100644
--- a/capa/ida/plugin/extractor.py
+++ b/capa/ida/plugin/extractor.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/form.py b/capa/ida/plugin/form.py
index 7e381dde..19628e2a 100644
--- a/capa/ida/plugin/form.py
+++ b/capa/ida/plugin/form.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/hooks.py b/capa/ida/plugin/hooks.py
index 2f978e74..fdbbe8e4 100644
--- a/capa/ida/plugin/hooks.py
+++ b/capa/ida/plugin/hooks.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/icon.py b/capa/ida/plugin/icon.py
index 76a6dfb2..76b42cd2 100644
--- a/capa/ida/plugin/icon.py
+++ b/capa/ida/plugin/icon.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import base64 # this is just `capa/.github/icon.png`. diff --git a/capa/ida/plugin/item.py b/capa/ida/plugin/item.py index b2be1c14..17259f61 100644 --- a/capa/ida/plugin/item.py +++ b/capa/ida/plugin/item.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/plugin/model.py b/capa/ida/plugin/model.py index 1d2b1132..47a6e7f7 100644 --- a/capa/ida/plugin/model.py +++ b/capa/ida/plugin/model.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/ida/plugin/proxy.py b/capa/ida/plugin/proxy.py index e67147bd..0c8b8d2c 100644 --- a/capa/ida/plugin/proxy.py +++ b/capa/ida/plugin/proxy.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/ida/plugin/view.py b/capa/ida/plugin/view.py
index e93513c2..f041f5bc 100644
--- a/capa/ida/plugin/view.py
+++ b/capa/ida/plugin/view.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/main.py b/capa/main.py
index 81b3c2d0..08ad5fc4 100644
--- a/capa/main.py
+++ b/capa/main.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 """
-Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/optimizer.py b/capa/optimizer.py
index 1c8e529a..0ebee844 100644
--- a/capa/optimizer.py
+++ b/capa/optimizer.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import logging import capa.engine as ceng diff --git a/capa/perf.py b/capa/perf.py index 54575e99..7358c5f9 100644 --- a/capa/perf.py +++ b/capa/perf.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import typing import collections diff --git a/capa/render/default.py b/capa/render/default.py index 556c82a4..79567e4b 100644 --- a/capa/render/default.py +++ b/capa/render/default.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/json.py b/capa/render/json.py index 8fb21fb5..d015641d 100644 --- a/capa/render/json.py 
+++ b/capa/render/json.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/result_document.py b/capa/render/result_document.py index 00c3eb9b..0919207c 100644 --- a/capa/render/result_document.py +++ b/capa/render/result_document.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/utils.py b/capa/render/utils.py index d9cb9308..fb393234 100644 --- a/capa/render/utils.py +++ b/capa/render/utils.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/verbose.py b/capa/render/verbose.py index 227c5fc7..c3ec2442 100644 --- a/capa/render/verbose.py +++ b/capa/render/verbose.py @@ -14,7 +14,7 @@ example:: 0x10003415 0x10003797 -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/capa/render/vverbose.py b/capa/render/vverbose.py index cadad7c7..59189833 100644 --- a/capa/render/vverbose.py 
+++ b/capa/render/vverbose.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/rules/__init__.py b/capa/rules/__init__.py
index a9fd4f1f..066c3a11 100644
--- a/capa/rules/__init__.py
+++ b/capa/rules/__init__.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/capa/rules/cache.py b/capa/rules/cache.py
index 1269712b..5cc1d1d4 100644
--- a/capa/rules/cache.py
+++ b/capa/rules/cache.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import os
 import sys
 import zlib
diff --git a/capa/version.py b/capa/version.py
index 2c270402..5ce717b2 100644
--- a/capa/version.py
+++ b/capa/version.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. __version__ = "5.1.0" diff --git a/scripts/bulk-process.py b/scripts/bulk-process.py index dc75ac76..fb6ecdd3 100644 --- a/scripts/bulk-process.py +++ b/scripts/bulk-process.py @@ -1,4 +1,11 @@ #!/usr/bin/env python +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ bulk-process @@ -47,7 +54,7 @@ usage: parallelism factor --no-mp disable subprocesses -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/capa2yara.py b/scripts/capa2yara.py index 7f84f7b6..4f0a8b90 100644 --- a/scripts/capa2yara.py +++ b/scripts/capa2yara.py 
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Convert capa rules to YARA rules (where this is possible) diff --git a/scripts/capa_as_library.py b/scripts/capa_as_library.py index ecc20de1..06613dcb 100644 --- a/scripts/capa_as_library.py +++ b/scripts/capa_as_library.py @@ -1,4 +1,11 @@ #!/usr/bin/env python3 +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import json import collections diff --git a/scripts/capafmt.py b/scripts/capafmt.py index f99071d4..fa829800 100644 --- a/scripts/capafmt.py +++ b/scripts/capafmt.py @@ -6,7 +6,7 @@ Usage: $ python capafmt.py -i foo.yml -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt 
diff --git a/scripts/detect-elf-os.py b/scripts/detect-elf-os.py
index 6a917314..5adf85de 100644
--- a/scripts/detect-elf-os.py
+++ b/scripts/detect-elf-os.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python2
 """
-Copyright (C) 2021 Mandiant, Inc. All Rights Reserved.
+Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/scripts/detect_duplicate_features.py b/scripts/detect_duplicate_features.py
index bfbd9baf..dd9b9838 100644
--- a/scripts/detect_duplicate_features.py
+++ b/scripts/detect_duplicate_features.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import sys
 import logging
 import argparse
diff --git a/scripts/import-to-bn.py b/scripts/import-to-bn.py
index 54f63d76..74293f74 100644
--- a/scripts/import-to-bn.py
+++ b/scripts/import-to-bn.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Binary Ninja plugin that imports a capa report, produced via `capa --json /path/to/sample`, diff --git a/scripts/import-to-ida.py b/scripts/import-to-ida.py index 42c56445..121d8158 100644 --- a/scripts/import-to-ida.py +++ b/scripts/import-to-ida.py @@ -20,7 +20,7 @@ and then select the existing capa report from the file system. This script will verify that the report matches the workspace. Check the output window for any errors, and/or the summary of changes. -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/lint.py b/scripts/lint.py index ce1d3e3f..847f574a 100644 --- a/scripts/lint.py +++ b/scripts/lint.py @@ -5,7 +5,7 @@ Usage: $ python scripts/lint.py rules/ -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/match-function-id.py b/scripts/match-function-id.py index 0daa88bb..7fe51e23 100644 
--- a/scripts/match-function-id.py
+++ b/scripts/match-function-id.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 """
-Copyright (C) 2021 Mandiant, Inc. All Rights Reserved.
+Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/scripts/profile-memory.py b/scripts/profile-memory.py
index e3e98f56..b958eac0 100644
--- a/scripts/profile-memory.py
+++ b/scripts/profile-memory.py
@@ -1,3 +1,10 @@
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
 import gc
 import linecache
 import tracemalloc
diff --git a/scripts/profile-time.py b/scripts/profile-time.py
index c6197b35..b6c48683 100644
--- a/scripts/profile-time.py
+++ b/scripts/profile-time.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Invoke capa multiple times and record profiling informations. Use the --number and --repeat options to change the number of iterations. diff --git a/scripts/setup-linter-dependencies.py b/scripts/setup-linter-dependencies.py index 7aad2ab1..bc7f9bf0 100644 --- a/scripts/setup-linter-dependencies.py +++ b/scripts/setup-linter-dependencies.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ Generate capa linter-data.json, used to validate Att&ck/MBC IDs and names. diff --git a/scripts/show-capabilities-by-function.py b/scripts/show-capabilities-by-function.py index df2c79d3..78700088 100644 --- a/scripts/show-capabilities-by-function.py +++ b/scripts/show-capabilities-by-function.py 
@@ -1,4 +1,11 @@ #!/usr/bin/env python2 +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ show-capabilities-by-function @@ -40,7 +47,7 @@ Example:: - connect TCP socket ... -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/scripts/show-features.py b/scripts/show-features.py index e062b35d..25f1662b 100644 --- a/scripts/show-features.py +++ b/scripts/show-features.py @@ -1,6 +1,6 @@ #!/usr/bin/env python2 """ -Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/fixtures.py b/tests/fixtures.py index 9e36dd14..2eaf86ae 100644 --- a/tests/fixtures.py +++ b/tests/fixtures.py 
@@ -1,5 +1,4 @@
-# -*- coding: utf-8 -*-
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_binja_features.py b/tests/test_binja_features.py
index 5819e0dc..75863bd6 100644
--- a/tests/test_binja_features.py
+++ b/tests/test_binja_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 FireEye, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_dnfile_features.py b/tests/test_dnfile_features.py
index 5ffa2ead..d6325b5e 100644
--- a/tests/test_dnfile_features.py
+++ b/tests/test_dnfile_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_dotnet_features.py b/tests/test_dotnet_features.py
index af633386..b8ab4b96 100644
--- a/tests/test_dotnet_features.py
+++ b/tests/test_dotnet_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_dotnetfile_features.py b/tests/test_dotnetfile_features.py
index 3b4858a1..56d7a959 100644
--- a/tests/test_dotnetfile_features.py
+++ b/tests/test_dotnetfile_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_engine.py b/tests/test_engine.py
index 785896a3..f8c626db 100644
--- a/tests/test_engine.py
+++ b/tests/test_engine.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_fmt.py b/tests/test_fmt.py
index 96101dfb..6bb0f087 100644
--- a/tests/test_fmt.py
+++ b/tests/test_fmt.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_freeze.py b/tests/test_freeze.py
index a3930391..7603b9fb 100644
--- a/tests/test_freeze.py
+++ b/tests/test_freeze.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_function_id.py b/tests/test_function_id.py index 65af1ae0..242b1949 100644 --- a/tests/test_function_id.py +++ b/tests/test_function_id.py @@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. from fixtures import get_function, pma16_01_extractor, extract_function_features import capa.features.insn diff --git a/tests/test_helpers.py b/tests/test_helpers.py index 90b689b3..f956be5c 100644 --- a/tests/test_helpers.py +++ b/tests/test_helpers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_ida_features.py b/tests/test_ida_features.py index 3eb3b053..239f045e 100644 --- a/tests/test_ida_features.py +++ b/tests/test_ida_features.py 
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. """ run this script from within IDA to test the IDA feature extractor. you must have loaded a file referenced by a test case in order diff --git a/tests/test_main.py b/tests/test_main.py index 45554760..8fc80deb 100644 --- a/tests/test_main.py +++ b/tests/test_main.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_match.py b/tests/test_match.py index 99301cce..2c9928db 100644 --- a/tests/test_match.py +++ b/tests/test_match.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_optimizer.py b/tests/test_optimizer.py index 40c008fa..20c098de 100644 --- a/tests/test_optimizer.py +++ b/tests/test_optimizer.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2021 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_os_detection.py b/tests/test_os_detection.py
index 9f835177..d5806d45 100644
--- a/tests/test_os_detection.py
+++ b/tests/test_os_detection.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Copyright (C) 2022 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_pefile_features.py b/tests/test_pefile_features.py
index c9013d50..c666357b 100644
--- a/tests/test_pefile_features.py
+++ b/tests/test_pefile_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_render.py b/tests/test_render.py
index 9277b9f2..8f89bc5d 100644
--- a/tests/test_render.py
+++ b/tests/test_render.py
@@ -1,3 +1,10 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. import textwrap import fixtures diff --git a/tests/test_result_document.py b/tests/test_result_document.py index 161628ff..f5496db1 100644 --- a/tests/test_result_document.py +++ b/tests/test_result_document.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_rules.py b/tests/test_rules.py index afd9c012..024a40d3 100644 --- a/tests/test_rules.py +++ b/tests/test_rules.py @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved. +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: [package root]/LICENSE.txt diff --git a/tests/test_rules_insn_scope.py b/tests/test_rules_insn_scope.py index 481b3cd9..c6dd3fd7 100644 --- a/tests/test_rules_insn_scope.py +++ b/tests/test_rules_insn_scope.py 
@@ -1,4 +1,4 @@
-# Copyright (C) 2022 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_scripts.py b/tests/test_scripts.py
index e8971f0e..4baa96a9 100644
--- a/tests/test_scripts.py
+++ b/tests/test_scripts.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
diff --git a/tests/test_viv_features.py b/tests/test_viv_features.py
index 1e07ca74..683a7931 100644
--- a/tests/test_viv_features.py
+++ b/tests/test_viv_features.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
+# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at: [package root]/LICENSE.txt
From 59bd930881e8adc59b14241054675d46ae952fe2 Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 05:04:26 +0200
Subject: [PATCH 06/28] fix merge
---
 pyproject.toml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/pyproject.toml b/pyproject.toml
index 183a04b6..efc56a75 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -75,6 +75,8 @@ dev = [
 "flake8-print==5.0.0",
 "flake8-todos==0.3.0",
 "flake8-simplify==0.20.0",
+ "flake8-use-pathlib==0.3.0",
+ "flake8-copyright==0.2.4",
 "ruff==0.0.277",
 "black==23.7.0",
 "isort==5.11.4",
From b285985a7956925cee0e8ba134c7447cc5e3447a Mon Sep 17 00:00:00 2001
From: Willi Ballenthin Date: Thu, 13 Jul 2023 05:16:59 +0200 Subject: [PATCH 07/28] flake8: configure copyright header for our project closes #1594 --- .github/flake8.ini | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/flake8.ini b/.github/flake8.ini index 4e141a48..f949f801 100644 --- a/.github/flake8.ini +++ b/.github/flake8.ini @@ -37,4 +37,5 @@ per-file-ignores = capa/features/extractors/binja/find_binja_api.py: T201 copyright-check = True -copyright-regexp = "Copyright" \ No newline at end of file +copyright-min-file-size = 1 +copyright-regexp = Copyright \(C\) 2023 Mandiant, Inc. All Rights Reserved. \ No newline at end of file From 797021874b5442853f25c71357ae90aa7f277430 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 05:37:22 +0200 Subject: [PATCH 08/28] ci: use latest python for best performance --- .github/workflows/tests.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 8ea4cc48..798140c3 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -27,10 +27,11 @@ jobs: steps: - name: Checkout capa uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - - name: Set up Python 3.8 + # use latest avaialble python to take advantage of best performance + - name: Set up Python 3.11 uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: - python-version: "3.8" + python-version: "3.11" - name: Install dependencies run: pip install -e .[dev] - name: Lint with ruff @@ -51,10 +52,10 @@ jobs: uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 with: submodules: recursive - - name: Set up Python 3.8 + - name: Set up Python 3.11 uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: - python-version: "3.8" + python-version: "3.11" - name: Install capa run: pip install -e .[dev] - name: Run rule linter 
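Review bot: The new `copyright-regexp` in `.github/flake8.ini` pins the year to 2023 and leaves the dots in `Inc.` and `Reserved.` unescaped, so each of them matches any character. A file added in a later year would have to carry a 2023 header, or the lint configuration would need another edit every January. A pattern such as `copyright-regexp = Copyright \(C\) \d{4} Mandiant, Inc\. All Rights Reserved\.` keeps the wording strict while accepting any four-digit year.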
From 36a840cb2c2506daf103e77d3f884972696304c3 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 06:12:42 +0200 Subject: [PATCH 09/28] ci: set top level permissions to satisfy code scanning --- .github/workflows/build.yml | 6 +++--- .github/workflows/changelog.yml | 2 ++ .github/workflows/publish.yml | 6 +++--- .github/workflows/tag.yml | 2 ++ .github/workflows/tests.yml | 2 ++ 5 files changed, 12 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 08797988..73822bfb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,14 +1,14 @@ name: build -permissions: - contents: write - on: pull_request: branches: [ master ] release: types: [edited, published] +permissions: + contents: write + jobs: build: name: PyInstaller for ${{ matrix.os }} diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 6390e184..853a5cc4 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -7,6 +7,8 @@ on: pull_request_target: types: [opened, edited, synchronize] +permissions: read-all + jobs: check_changelog: # no need to check for dependency updates via dependabot diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 390a814f..314f5261 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -2,13 +2,13 @@ # https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/ name: publish to pypi -permissions: - contents: write - on: release: types: [published] +permissions: + contents: write + jobs: pypi-publish: runs-on: ubuntu-latest diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index 87bf8f45..752a008e 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -4,6 +4,8 @@ on: release: types: [published] +permissions: read-all + jobs: tag: name: Tag capa rules 
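Review bot: In `.github/workflows/build.yml` the relocated top-level block still grants `contents: write` to every job, and this workflow also runs on `pull_request`. Write access is presumably only needed by the step that attaches artifacts to a release, so the workflow default could be `permissions:` with `contents: read`, and `contents: write` declared on that one job. The job definitions lie outside the hunk, so which job needs the write scope has to be confirmed. The same applies to the `contents: write` block moved in `publish.yml`.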
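Review bot: `permissions: read-all` in `changelog.yml` gives the token read access to every scope, and that workflow is triggered by `pull_request_target`, which runs in the context of the base repository. If the job only inspects pull-request metadata, a narrower block such as `permissions:` with `pull-requests: read` (plus `contents: read` if it checks out code) would be enough. The job body is outside the hunk, so the exact scopes need checking against the steps. The same `read-all` line is added in `tag.yml` and `tests.yml`.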
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 8e6cead2..bd68f26c 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -6,6 +6,8 @@ on: pull_request: branches: [ master ] +permissions: read-all + # save workspaces to speed up testing env: CAPA_SAVE_WORKSPACE: "True" From e9ccc5276ab3a4a76486566b63cec84fdf1c3ec0 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 06:24:22 +0200 Subject: [PATCH 10/28] main: log time taken to analyze each function closes #1290 --- capa/main.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/capa/main.py b/capa/main.py index 9e6606c9..c680f138 100644 --- a/capa/main.py +++ b/capa/main.py @@ -266,6 +266,7 @@ def find_capabilities(ruleset: RuleSet, extractor: FeatureExtractor, disable_pro pb = pbar(functions, desc="matching", unit=" functions", postfix="skipped 0 library functions", leave=False) for f in pb: + t0 = time.time() if extractor.is_library_function(f.address): function_name = extractor.get_function_name(f.address) logger.debug("skipping library function 0x%x (%s)", f.address, function_name) @@ -284,7 +285,18 @@ def find_capabilities(ruleset: RuleSet, extractor: FeatureExtractor, disable_pro feature_counts.functions += ( rdoc.FunctionFeatureCount(address=frz.Address.from_capa(f.address), count=feature_count), ) - logger.debug("analyzed function 0x%x and extracted %d features", f.address, feature_count) + t1 = time.time() + + match_count = sum(len(res) for res in function_matches.values()) + match_count += sum(len(res) for res in bb_matches.values()) + match_count += sum(len(res) for res in insn_matches.values()) + logger.debug( + "analyzed function 0x%x and extracted %d features, %d matches in %0.02fs", + f.address, + feature_count, + match_count, + t1 - t0, + ) for rule_name, res in function_matches.items(): all_function_matches[rule_name].extend(res) From 0511ef70932e257d259d10bd6c82630a6b2dee78 Mon Sep 17 00:00:00 2001 
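Review bot: `time.time()` in the two `find_capabilities` hunks reads the wall clock, which can jump when the system clock is adjusted, so the logged duration can be wrong or even negative. `t0 = time.perf_counter()` and `t1 = time.perf_counter()` measure the interval with a monotonic clock instead. The three `match_count` sums also run for every function even when debug logging is off; guarding them with `if logger.isEnabledFor(logging.DEBUG):` would skip that work. The function body starts and ends outside the hunks, and whether `time` is already imported in `capa/main.py` is not visible here.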
From: Willi Ballenthin Date: Thu, 13 Jul 2023 06:26:25 +0200 Subject: [PATCH 11/28] changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e2debfaa..6e30fbe9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -64,6 +64,7 @@ ### Development - update ATT&CK/MBC data for linting #1568 @mr-tz +- log time taken to analyze each function #1290 @williballenthin ### Raw diffs - [capa v5.1.0...master](https://github.com/mandiant/capa/compare/v5.1.0...master) From b547987b3339480505f0d1d20040576123b199cf Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 08:47:14 +0200 Subject: [PATCH 12/28] main: don't show spinner when debug messages are emitted closes #1636 --- capa/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/capa/main.py b/capa/main.py index c680f138..cb7f0f4c 100644 --- a/capa/main.py +++ b/capa/main.py @@ -1250,7 +1250,7 @@ def main(argv: Optional[List[str]] = None): args.backend, sig_paths, should_save_workspace, - disable_progress=args.quiet, + disable_progress=args.quiet or args.debug, ) except UnsupportedFormatError: log_unsupported_format_error() From 04db034895da2e43e07916ce0a4c20fbf577b7f2 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 08:49:46 +0200 Subject: [PATCH 13/28] changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e30fbe9..49073491 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -59,6 +59,7 @@ - tests: refine the IDA test runner script #1513 @williballenthin - output: don't leave behind traces of progress bar @williballenthin - import-to-ida: fix bug introduced with JSON report changes in v5 #1584 @williballenthin +- main: don't show spinner when emitting debug messages #1636 @williballenthin ### capa explorer IDA Pro plugin From ea51801806f7987e739b3c262ec9060aa3a61a07 Mon Sep 17 00:00:00 2001 
From: Capa Bot
Date: Thu, 13 Jul 2023 07:06:30 +0000
Subject: [PATCH 14/28] Sync capa-testfiles submodule
---
 tests/data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data b/tests/data
index a0cfe3ac..e2366929 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit a0cfe3aca94b86b6ee15d713c75f3c882231716a
+Subproject commit e2366929ea21e0c77bc035a19133ea6d840bbbff
From 5088f45b6a3fc5f4359f1b089eccc45712605dd2 Mon Sep 17 00:00:00 2001
From: Capa Bot
Date: Thu, 13 Jul 2023 07:19:20 +0000
Subject: [PATCH 15/28] Sync capa-testfiles submodule
---
 tests/data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data b/tests/data
index e2366929..257d3180 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit e2366929ea21e0c77bc035a19133ea6d840bbbff
+Subproject commit 257d318068c1c08d5c393b8552a204b4c351a032
From b9090b86ce9a5336e28b09da880d8c69fef6a79c Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 09:37:39 +0200
Subject: [PATCH 16/28] tests: make fixtures available via conftest.py closes #1592
---
 .github/ruff.toml | 18 ------------------
 tests/conftest.py | 16 ++++++++++++++++
 tests/test_binja_features.py | 2 --
 tests/test_dnfile_features.py | 2 --
 tests/test_dotnet_features.py | 2 --
 tests/test_dotnetfile_features.py | 10 +---------
 tests/test_freeze.py | 1 -
 tests/test_function_id.py | 6 +++---
 tests/test_main.py | 10 ----------
 tests/test_pefile_features.py | 3 ---
 tests/test_proto.py | 1 -
 tests/test_result_document.py | 1 -
 tests/test_viv_features.py | 1 -
 13 files changed, 20 insertions(+), 53 deletions(-)
 create mode 100644 tests/conftest.py
diff --git a/.github/ruff.toml b/.github/ruff.toml
index 3a5254a9..306cc891 100644
--- a/.github/ruff.toml
+++ b/.github/ruff.toml
@@ -41,21 +41,3 @@ exclude = [ "*_pb2.py", "*_pb2.pyi" ] - -[per-file-ignores] -# until we address #1592 and move test fixtures into conftest.py -# then we need to ignore imports done to enable pytest fixtures. -# -# F401: `foo` imported but unused -# F811 Redefinition of unused `foo` -"tests/test_main.py" = ["F401", "F811"] -"tests/test_proto.py" = ["F401", "F811"] -"tests/test_freeze.py" = ["F401", "F811"] -"tests/test_function_id.py" = ["F401", "F811"] -"tests/test_viv_features.py" = ["F401", "F811"] -"tests/test_binja_features.py" = ["F401", "F811"] -"tests/test_pefile_features.py" = ["F401", "F811"] -"tests/test_dnfile_features.py" = ["F401", "F811"] -"tests/test_dotnet_features.py" = ["F401", "F811"] -"tests/test_result_document.py" = ["F401", "F811"] -"tests/test_dotnetfile_features.py" = ["F401", "F811"] diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 00000000..37f43396 --- /dev/null +++ b/tests/conftest.py @@ -0,0 +1,16 @@ +# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: [package root]/LICENSE.txt +# Unless required by applicable law or agreed to in writing, software distributed under the License +# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and limitations under the License. + +# import all the symbols from our fixtures +# and make available to test cases, implicitly. +# this is thanks to pytest magic. +# +# see the following for a discussion: +# https://www.revsys.com/tidbits/pytest-fixtures-are-magic/ +# https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic +from fixtures import * # noqa: F403 [unable to detect undefined names] 
diff --git a/tests/test_binja_features.py b/tests/test_binja_features.py index 769e85f3..b2256f80 100644 --- a/tests/test_binja_features.py +++ b/tests/test_binja_features.py @@ -5,13 +5,11 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -import os import logging from pathlib import Path import pytest import fixtures -from fixtures import scope, sample import capa.main diff --git a/tests/test_dnfile_features.py b/tests/test_dnfile_features.py index d6325b5e..d5448766 100644 --- a/tests/test_dnfile_features.py +++ b/tests/test_dnfile_features.py @@ -5,9 +5,7 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import fixtures -from fixtures import scope, sample @fixtures.parametrize( diff --git a/tests/test_dotnet_features.py b/tests/test_dotnet_features.py index b8ab4b96..51ce66b0 100644 --- a/tests/test_dotnet_features.py +++ b/tests/test_dotnet_features.py @@ -5,9 +5,7 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import fixtures -from fixtures import scope, sample, b9f5b_dotnetfile_extractor, mixed_mode_64_dotnetfile_extractor @fixtures.parametrize( diff --git a/tests/test_dotnetfile_features.py b/tests/test_dotnetfile_features.py index 56d7a959..c1dfcf46 100644 
--- a/tests/test_dotnetfile_features.py +++ b/tests/test_dotnetfile_features.py @@ -5,23 +5,15 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. - import pytest import fixtures -from fixtures import ( - FEATURE_PRESENCE_TESTS_DOTNET, - scope, - sample, - b9f5b_dotnetfile_extractor, - mixed_mode_64_dotnetfile_extractor, -) import capa.features.file @fixtures.parametrize( "sample,scope,feature,expected", - FEATURE_PRESENCE_TESTS_DOTNET, + fixtures.FEATURE_PRESENCE_TESTS_DOTNET, indirect=["sample", "scope"], ) def test_dotnetfile_features(sample, scope, feature, expected): diff --git a/tests/test_freeze.py b/tests/test_freeze.py index 7603b9fb..cbc60b48 100644 --- a/tests/test_freeze.py +++ b/tests/test_freeze.py @@ -10,7 +10,6 @@ from typing import List from pathlib import Path import pytest -from fixtures import z9324d_extractor import capa.main import capa.rules diff --git a/tests/test_function_id.py b/tests/test_function_id.py index 242b1949..bc177347 100644 --- a/tests/test_function_id.py +++ b/tests/test_function_id.py @@ -5,7 +5,7 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -from fixtures import get_function, pma16_01_extractor, extract_function_features +import fixtures import capa.features.insn 
@@ -29,6 +29,6 @@ def test_function_id_complex_match(pma16_01_extractor): def test_function_id_api_feature(pma16_01_extractor): - f = get_function(pma16_01_extractor, 0x404548) - features = extract_function_features(pma16_01_extractor, f) + f = fixtures.get_function(pma16_01_extractor, 0x404548) + features = fixtures.extract_function_features(pma16_01_extractor, f) assert capa.features.insn.API("__aulldiv") in features diff --git a/tests/test_main.py b/tests/test_main.py index 8fc80deb..278bc729 100644 --- a/tests/test_main.py +++ b/tests/test_main.py @@ -10,16 +10,6 @@ import json import textwrap import fixtures -from fixtures import ( - z499c2_extractor, - z9324d_extractor, - pma16_01_extractor, - pingtaest_extractor, - _692f_dotnetfile_extractor, - _1c444_dotnetfile_extractor, - _039a6_dotnetfile_extractor, - _0953c_dotnetfile_extractor, -) import capa.main import capa.rules diff --git a/tests/test_pefile_features.py b/tests/test_pefile_features.py index c666357b..cb19b468 100644 --- a/tests/test_pefile_features.py +++ b/tests/test_pefile_features.py @@ -5,11 +5,8 @@ # Unless required by applicable law or agreed to in writing, software distributed under the License # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -from pathlib import PosixPath - import pytest import fixtures -from fixtures import scope, sample import capa.features.file diff --git a/tests/test_proto.py b/tests/test_proto.py index 8a76ccfc..6f0137fe 100644 --- a/tests/test_proto.py +++ b/tests/test_proto.py @@ -9,7 +9,6 @@ import copy from typing import Any import pytest -from fixtures import a3f3bbc_rd, a076114_rd, pma0101_rd, al_khaserx64_rd, al_khaserx86_rd, dotnet_1c444e_rd import capa.rules import capa.render diff --git a/tests/test_result_document.py b/tests/test_result_document.py index f5496db1..27a1dbb2 100644 
--- a/tests/test_result_document.py +++ b/tests/test_result_document.py @@ -9,7 +9,6 @@ import copy import pytest import fixtures -from fixtures import a3f3bbc_rd, a076114_rd, pma0101_rd, al_khaserx64_rd, al_khaserx86_rd, dotnet_1c444e_rd import capa import capa.engine as ceng diff --git a/tests/test_viv_features.py b/tests/test_viv_features.py index 683a7931..b63f0dc6 100644 --- a/tests/test_viv_features.py +++ b/tests/test_viv_features.py @@ -6,7 +6,6 @@ # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. import fixtures -from fixtures import scope, sample @fixtures.parametrize( From ea3090a0666d404c19cea0323a7ab217fdf51138 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 09:39:04 +0200 Subject: [PATCH 17/28] changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49073491..9ccfcbeb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -66,6 +66,7 @@ ### Development - update ATT&CK/MBC data for linting #1568 @mr-tz - log time taken to analyze each function #1290 @williballenthin +- tests: make fixture available via conftest.py #1592 @williballenthin ### Raw diffs - [capa v5.1.0...master](https://github.com/mandiant/capa/compare/v5.1.0...master) From f897f00227e4efcbeab08ddecfda7696a1f71197 Mon Sep 17 00:00:00 2001 From: Capa Bot Date: Thu, 13 Jul 2023 08:11:11 +0000 Subject: [PATCH 18/28] Sync capa-testfiles submodule --- tests/data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/data b/tests/data index 257d3180..6aef0e73 160000 --- a/tests/data +++ b/tests/data @@ -1 +1 @@ -Subproject commit 257d318068c1c08d5c393b8552a204b4c351a032 +Subproject commit 6aef0e73100afe530577993fe8a07b85741fbc50 From 280e25328665b3ff056a32339de0dbf9617d972f Mon Sep 17 00:00:00 2001 
From: Capa Bot Date: Thu, 13 Jul 2023 08:15:43 +0000 Subject: [PATCH 19/28] Sync capa rules submodule --- rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules b/rules index e51b74e0..7e100e18 160000 --- a/rules +++ b/rules @@ -1 +1 @@ -Subproject commit e51b74e012d1e8541e8dc6933022628d6925c1b9 +Subproject commit 7e100e186317e2e22683e1e44143ff0dcc9a36e2 From c06211536663d7b16e0cdb727bad568d946fd522 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Jul 2023 08:19:29 +0000 Subject: [PATCH 20/28] build(deps-dev): bump ruff from 0.0.277 to 0.0.278 Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.277 to 0.0.278. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.0.277...v0.0.278) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index efc56a75..1e73090f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -77,7 +77,7 @@ dev = [ "flake8-simplify==0.20.0", "flake8-use-pathlib==0.3.0", "flake8-copyright==0.2.4", - "ruff==0.0.277", + "ruff==0.0.278", "black==23.7.0", "isort==5.11.4", "mypy==1.4.1", From c29d0a4f56253682333f3fcfb06527d84404aaae Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 10:45:43 +0200 Subject: [PATCH 21/28] Update .github/workflows/tests.yml Co-authored-by: Moritz --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 798140c3..8e6cead2 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml 
@@ -27,7 +27,7 @@ jobs: steps: - name: Checkout capa uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - # use latest avaialble python to take advantage of best performance + # use latest available python to take advantage of best performance - name: Set up Python 3.11 uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 with: From 546789fea63074e6b942c3579383f6e2148c6f6b Mon Sep 17 00:00:00 2001 From: Capa Bot Date: Thu, 13 Jul 2023 08:47:01 +0000 Subject: [PATCH 22/28] Sync capa rules submodule --- rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules b/rules index 7e100e18..85a980a6 160000 --- a/rules +++ b/rules @@ -1 +1 @@ -Subproject commit 7e100e186317e2e22683e1e44143ff0dcc9a36e2 +Subproject commit 85a980a6cc8557af10bc1220eac9251ce3334ab5 From fd36946c4be4528bfad546c189e5de9eb3816f61 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 13 Jul 2023 14:32:24 +0200 Subject: [PATCH 23/28] conftest: import symbols prefixed with _ --- tests/conftest.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/conftest.py b/tests/conftest.py index 37f43396..447d870e 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -14,3 +14,7 @@ # https://www.revsys.com/tidbits/pytest-fixtures-are-magic/ # https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic from fixtures import * # noqa: F403 [unable to detect undefined names] +from fixtures import _039a6_dotnetfile_extractor # noqa: F403 [unable to detect undefined names] +from fixtures import _0953c_dotnetfile_extractor # noqa: F403 [unable to detect undefined names] +from fixtures import _692f_dotnetfile_extractor # noqa: F403 [unable to detect undefined names] +from fixtures import _1c444_dotnetfile_extractor # noqa: F403 [unable to detect undefined names] From c4da4bcfe78dbd9fb1c04e263883cbbf519488a9 Mon Sep 17 00:00:00 2001 
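Review bot: The four `from fixtures import _…_dotnetfile_extractor` lines added at the end of the tests/conftest.py hunk (PATCH 23/28) carry no comment saying why they are needed next to `from fixtures import *`. A star import skips names that begin with an underscore unless the module lists them in `__all__`, and nothing visible here shows `fixtures` doing that. The next maintainer is therefore likely to read these lines as redundant and delete them. I would add one line above them: `# "import *" skips names starting with "_", so these fixtures must be imported explicitly`.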
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 14:35:09 +0200
Subject: [PATCH 24/28] conftest: update noqa ignores
---
 tests/conftest.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/tests/conftest.py b/tests/conftest.py
index 447d870e..1da700a9 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -14,7 +14,7 @@
 # https://www.revsys.com/tidbits/pytest-fixtures-are-magic/
 # https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic
 from fixtures import * # noqa: F403 [unable to detect undefined names]
-from fixtures import _039a6_dotnetfile_extractor # noqa: F403 [unable to detect undefined names]
-from fixtures import _0953c_dotnetfile_extractor # noqa: F403 [unable to detect undefined names]
-from fixtures import _692f_dotnetfile_extractor # noqa: F403 [unable to detect undefined names]
-from fixtures import _1c444_dotnetfile_extractor # noqa: F403 [unable to detect undefined names]
+from fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused]
From 724f9e4b81ad4333f9f48999f71d686edd15e9f5 Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 14:52:05 +0200
Subject: [PATCH 25/28] conftest: isort
---
 tests/conftest.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/conftest.py b/tests/conftest.py
index 1da700a9..cf99e8f7 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -14,7 +14,7 @@
 # https://www.revsys.com/tidbits/pytest-fixtures-are-magic/
 # https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic
 from fixtures import * # noqa: F403 [unable to detect undefined names]
+from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused]
 from fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused]
 from fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused]
-from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused]
 from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused]
From 82223dcdc912fd895f9973c3040d4f729ee0f30d Mon Sep 17 00:00:00 2001
From: Willi Ballenthin
Date: Thu, 13 Jul 2023 13:12:13 +0000
Subject: [PATCH 26/28] conftest: isort
---
 tests/conftest.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/conftest.py b/tests/conftest.py
index cf99e8f7..efe603a7 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -15,6 +15,6 @@
 # https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic
 from fixtures import * # noqa: F403 [unable to detect undefined names]
 from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused]
+from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused]
 from fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused]
 from fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused]
-from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused]
From 1065ff9779e0f9a8e1244f07d8215f9c70f47c2b Mon Sep 17 00:00:00 2001
From: Capa Bot
Date: Thu, 13 Jul 2023 14:49:40 +0000
Subject: [PATCH 27/28] Sync capa-testfiles submodule
---
 tests/data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data b/tests/data
index 6aef0e73..9536f157 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit 6aef0e73100afe530577993fe8a07b85741fbc50
+Subproject commit 9536f157405258a8b7714dd3a41d7e395231090f
From 244d56e32a4788bac43f7d72fe282318510ef784 Mon Sep 17 00:00:00 2001
From: Capa Bot
Date: Thu, 13 Jul 2023 14:50:40 +0000
Subject: [PATCH 28/28] Sync capa-testfiles submodule
---
 tests/data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/data b/tests/data
index 9536f157..bfcf387b 160000
--- a/tests/data
+++ b/tests/data
@@ -1 +1 @@
-Subproject commit 9536f157405258a8b7714dd3a41d7e395231090f
+Subproject commit bfcf387b5b55e65ef02ceb0cc5191ebe49ad5614