gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-08 19:31:13 -08:00
Code Issues Packages Projects Releases Wiki Activity

test_scripts: avoid unsupported logic combinations

Browse Source
This commit is contained in:
Willi Ballenthin
2024-06-06 10:41:59 +02:00
committed by Willi Ballenthin
parent 4d81b7ab98
commit 76a4a5899f
1 changed files with 4 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/test_scripts.py
View File

@@ -130,8 +130,8 @@ def test_detect_duplicate_features(tmpdir):
- or:
- arch: i386
- number: 4
- not:
- count(mnemonic(xor)): 5
- not:
- count(mnemonic(xor)): 5
- not:
- os: linux
"""
@@ -162,7 +162,7 @@ def test_detect_duplicate_features(tmpdir):
static: function
dynamic: process
features:
- or:
- and:
- not:
- number: 4
- basic block:
@@ -171,19 +171,6 @@ def test_detect_duplicate_features(tmpdir):
- number: 2
"""
),
"rule_4": textwrap.dedent(
"""
rule:
meta:
name: Test Rule 4
scopes:
static: function
dynamic: process
features:
- not:
- string: "expa"
"""
),
}
"""
@@ -193,11 +180,10 @@ def test_detect_duplicate_features(tmpdir):
The overlaps are like:
- Rule 0 has zero overlaps in RULESET
- Rule 1 overlaps with 3 other rules in RULESET
- Rule 4 overlaps with itself in RULESET
These overlap values indicate the number of rules with which
each rule in RULESET has overlapping features.
"""
rule_overlaps = [0, 4, 3, 3, 1]
rule_overlaps = [0, 4, 3, 3]
rule_dir = tmpdir.mkdir("capa_rule_overlap_test")
rule_paths = []