From 97092c91db959cd74ee5c8e6bf761e58fc272ce4 Mon Sep 17 00:00:00 2001
From: William Ballenthin
Date: Wed, 11 Aug 2021 09:13:56 -0600
Subject: [PATCH] tests: assert absence of the wrong os/format
---
 tests/fixtures.py | 4 +++-
 tests/test_rules.py | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/tests/fixtures.py b/tests/fixtures.py
index 1d9ed580..3e8f1b08 100644
--- a/tests/fixtures.py
+++ b/tests/fixtures.py
@@ -22,7 +22,7 @@ import capa.features.insn
 import capa.features.common
 import capa.features.basicblock
 from capa.features.common import ARCH_X32, ARCH_X64
-from capa.features.common import CHARACTERISTIC_WINDOWS, CHARACTERISTIC_PE
+from capa.features.common import CHARACTERISTIC_WINDOWS, CHARACTERISTIC_LINUX, CHARACTERISTIC_PE, CHARACTERISTIC_ELF
 CD = os.path.dirname(__file__)
@@ -502,9 +502,11 @@ FEATURE_PRESENCE_TESTS = sorted(
 ("pma16-01", "file", capa.features.file.FunctionName("__aulldiv"), True),
 # os & format
 ("pma16-01", "file", CHARACTERISTIC_WINDOWS, True),
+ ("pma16-01", "file", CHARACTERISTIC_LINUX, False),
 ("pma16-01", "function=0x404356", CHARACTERISTIC_WINDOWS, True),
 ("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_WINDOWS, True),
 ("pma16-01", "file", CHARACTERISTIC_PE, True),
+ ("pma16-01", "file", CHARACTERISTIC_ELF, False),
 ("pma16-01", "function=0x404356", CHARACTERISTIC_PE, True),
 ("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_PE, True),
 ],
diff --git a/tests/test_rules.py b/tests/test_rules.py
index abc37968..022292ca 100644
--- a/tests/test_rules.py
+++ b/tests/test_rules.py
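Review bot: The new negative cases in the `# os & format` block of FEATURE_PRESENCE_TESTS (tests/fixtures.py) cover only the `file` scope, while the positive cases for CHARACTERISTIC_WINDOWS and CHARACTERISTIC_PE are also asserted at `function=0x404356` and `function=0x404356,bb=0x4043B9`. If a wrong os/format feature were emitted at function or basic-block scope, these tests would not notice, and a rule written for the other platform could presumably match this sample at that scope. Consider mirroring the scopes for the absent features, e.g. `("pma16-01", "function=0x404356", CHARACTERISTIC_LINUX, False),` and `("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_ELF, False),`. The list starts and ends outside the hunk, so coverage from other entries is not visible here.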
@@ -15,7 +15,7 @@ import capa.engine
 import capa.features.common
 from capa.features.file import FunctionName
 from capa.features.insn import Number, Offset
-from capa.features.common import ARCH_X32, ARCH_X64, OS_WINDOWS, FORMAT_PE, String, Characteristic
+from capa.features.common import ARCH_X32, ARCH_X64, CHARACTERISTIC_PE, CHARACTERISTIC_WINDOWS, OS_WINDOWS, FORMAT_PE, String, Characteristic
 def test_rule_ctor():
@@ -960,7 +960,8 @@ def test_os_features():
 )
 r = capa.rules.Rule.from_yaml(rule)
 children = list(r.statement.get_children())
- assert (Characteristic(OS_WINDOWS) in children) == True
+ assert (CHARACTERISTIC_WINDOWS in children) == True
+ assert (CHARACTERISTIC_LINUX not in children) == True
 def test_format_features():
@@ -977,4 +978,5 @@ def test_format_features():
 )
 r = capa.rules.Rule.from_yaml(rule)
 children = list(r.statement.get_children())
- assert (Characteristic(FORMAT_PE) in children) == True
\ No newline at end of file
+ assert (CHARACTERISTIC_PE in children) == True
+ assert (CHARACTERISTIC_ELF not in children) == True
\ No newline at end of file
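Review bot: The rewritten import in tests/test_rules.py brings in CHARACTERISTIC_PE and CHARACTERISTIC_WINDOWS but not CHARACTERISTIC_LINUX or CHARACTERISTIC_ELF, which the new assertions in test_os_features and test_format_features (the two later hunks) reference. Unless those names are bound somewhere outside the visible hunks, both tests raise NameError on the added line, so the absence checks never actually run. Extend the import to `from capa.features.common import ARCH_X32, ARCH_X64, CHARACTERISTIC_PE, CHARACTERISTIC_ELF, CHARACTERISTIC_LINUX, CHARACTERISTIC_WINDOWS, OS_WINDOWS, FORMAT_PE, String, Characteristic`. OS_WINDOWS and FORMAT_PE lose their only visible uses in this commit and may be removable if nothing else in the file needs them.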
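Review bot: The added assertions in test_os_features, and the matching pair in test_format_features, wrap a membership test in `(...) == True`, which is redundant because `in` and `not in` already yield a bool. The plain forms `assert CHARACTERISTIC_WINDOWS in children` and `assert CHARACTERISTIC_LINUX not in children` say the same thing and are the idiomatic pytest spelling. Both function bodies start outside their hunks, so the rule text that makes the absence check meaningful is not visible here.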