fix lints after sync with master

.github/ruff.toml

@@ -53,6 +53,7 @@ exclude = [
 "tests/test_freeze.py" = ["F401", "F811"]
 "tests/test_function_id.py" = ["F401", "F811"]
 "tests/test_viv_features.py" = ["F401", "F811"]
+"tests/test_cape_features.py" = ["F401", "F811"]
 "tests/test_binja_features.py" = ["F401", "F811"]
 "tests/test_pefile_features.py" = ["F401", "F811"]
 "tests/test_dnfile_features.py" = ["F401", "F811"]

capa/features/extractors/cape/extractor.py

@@ -6,14 +6,14 @@
 #  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and limitations under the License.
 import logging
-from typing import Dict, Tuple, Union, Iterator
+from typing import Dict, Tuple, Iterator
 
 import capa.features.extractors.cape.file
 import capa.features.extractors.cape.thread
 import capa.features.extractors.cape.global_
 import capa.features.extractors.cape.process
 from capa.features.common import Feature
-from capa.features.address import NO_ADDRESS, Address, AbsoluteVirtualAddress
+from capa.features.address import Address, AbsoluteVirtualAddress
 from capa.features.extractors.base_extractor import ThreadHandle, ProcessHandle, DynamicFeatureExtractor
 
 logger = logging.getLogger(__name__)

capa/features/extractors/cape/global_.py

@@ -77,7 +77,7 @@ def extract_os(static) -> Iterator[Tuple[Feature, Address]]:
         yield from guess_elf_os(file_command)
     else:
         # the sample is shellcode
-        logger.debug(f"unsupported file format, file command output: {file_command}")
+        logger.debug("unsupported file format, file command output: %s", file_command)
         yield OS(OS_ANY), NO_ADDRESS
 
 

capa/features/extractors/cape/process.py

@@ -6,14 +6,14 @@
 #  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and limitations under the License.
 import logging
-from typing import Any, Dict, List, Tuple, Iterator
+from typing import Dict, List, Tuple, Iterator
 
 import capa.features.extractors.cape.file
 import capa.features.extractors.cape.thread
 import capa.features.extractors.cape.global_
 import capa.features.extractors.cape.process
 from capa.features.common import String, Feature
-from capa.features.address import NO_ADDRESS, Address, AbsoluteVirtualAddress
+from capa.features.address import NO_ADDRESS, Address
 from capa.features.extractors.base_extractor import ThreadHandle, ProcessHandle
 
 logger = logging.getLogger(__name__)
@@ -42,9 +42,10 @@ def extract_environ_strings(behavior: Dict, ph: ProcessHandle) -> Iterator[Tuple
     if not environ:
         return
 
-    for variable, value in environ.items():
-        if value:
-            yield String(value), NO_ADDRESS
+    for value in environ.values():
+        if not value:
+            continue
+        yield String(value), NO_ADDRESS
 
 
 def extract_features(behavior: Dict, ph: ProcessHandle) -> Iterator[Tuple[Feature, Address]]:

capa/features/extractors/cape/thread.py

@@ -12,7 +12,7 @@ from typing import Any, Dict, List, Tuple, Iterator
 import capa.features.extractors.cape.helpers
 from capa.features.insn import API, Number
 from capa.features.common import String, Feature
-from capa.features.address import Address, DynamicAddress, AbsoluteVirtualAddress
+from capa.features.address import Address, DynamicAddress
 from capa.features.extractors.base_extractor import ThreadHandle, ProcessHandle
 
 logger = logging.getLogger(__name__)
@@ -40,7 +40,9 @@ def extract_call_features(behavior: Dict, ph: ProcessHandle, th: ThreadHandle) -
         if call["thread_id"] != tid:
             continue
 
-        # TODO this address may vary from the PE header, may read actual base from procdump.pe.imagebase or similar
+        # TODO(yelhamer): find correct base address used at runtime.
+        # this address may vary from the PE header, may read actual base from procdump.pe.imagebase or similar.
+        # https://github.com/mandiant/capa/issues/1618
         caller = DynamicAddress(call["id"], int(call["caller"], 16))
         # list similar to disassembly: arguments right-to-left, call
         for arg in call["arguments"][::-1]:

capa/features/extractors/common.py

@@ -1,5 +1,4 @@
 import io
-import json
 import logging
 import binascii
 import contextlib
@@ -19,7 +18,6 @@ from capa.features.common import (
     FORMAT_PE,
     FORMAT_ELF,
     OS_WINDOWS,
-    FORMAT_CAPE,
     FORMAT_FREEZE,
     FORMAT_RESULT,
     Arch,

capa/main.py

@@ -22,7 +22,7 @@ import textwrap
 import itertools
 import contextlib
 import collections
-from typing import Any, Dict, List, Tuple, Union, Callable, cast
+from typing import Any, Dict, List, Tuple, Callable, cast
 
 import halo
 import tqdm

scripts/show-features.py

@@ -69,7 +69,6 @@ import sys
 import logging
 import os.path
 import argparse
-from typing import cast
 
 import capa.main
 import capa.rules
@@ -104,7 +103,7 @@ def main(argv=None):
     capa.main.handle_common_args(args)
 
     try:
-        taste = capa.helpers.get_file_taste(args.sample)
+        _ = capa.helpers.get_file_taste(args.sample)
     except IOError as e:
         logger.error("%s", str(e))
         return -1

tests/test_cape_features.py

@@ -6,7 +6,7 @@
 #  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and limitations under the License.
 import fixtures
-from fixtures import *
+from fixtures import scope, sample
 
 
 @fixtures.parametrize(