gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-06 01:37:57 -08:00
Code Issues Packages Projects Releases Wiki Activity

tests: assert absence of the wrong os/format

Browse Source
This commit is contained in:
William Ballenthin
2021-08-11 09:13:56 -06:00
parent 20859d2796
commit 97092c91db
2 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/fixtures.py
View File

@@ -22,7 +22,7 @@ import capa.features.insn
import capa.features.common import capa.features.common
import capa.features.basicblock import capa.features.basicblock
from capa.features.common import ARCH_X32, ARCH_X64 from capa.features.common import ARCH_X32, ARCH_X64
from capa.features.common import CHARACTERISTIC_WINDOWS, CHARACTERISTIC_PE from capa.features.common import CHARACTERISTIC_WINDOWS, CHARACTERISTIC_LINUX, CHARACTERISTIC_PE, CHARACTERISTIC_ELF
CD = os.path.dirname(__file__) CD = os.path.dirname(__file__)
@@ -502,9 +502,11 @@ FEATURE_PRESENCE_TESTS = sorted(
("pma16-01", "file", capa.features.file.FunctionName("__aulldiv"), True), ("pma16-01", "file", capa.features.file.FunctionName("__aulldiv"), True),
# os & format # os & format
("pma16-01", "file", CHARACTERISTIC_WINDOWS, True), ("pma16-01", "file", CHARACTERISTIC_WINDOWS, True),
("pma16-01", "file", CHARACTERISTIC_LINUX, False),
("pma16-01", "function=0x404356", CHARACTERISTIC_WINDOWS, True), ("pma16-01", "function=0x404356", CHARACTERISTIC_WINDOWS, True),
("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_WINDOWS, True), ("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_WINDOWS, True),
("pma16-01", "file", CHARACTERISTIC_PE, True), ("pma16-01", "file", CHARACTERISTIC_PE, True),
("pma16-01", "file", CHARACTERISTIC_ELF, False),
("pma16-01", "function=0x404356", CHARACTERISTIC_PE, True), ("pma16-01", "function=0x404356", CHARACTERISTIC_PE, True),
("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_PE, True), ("pma16-01", "function=0x404356,bb=0x4043B9", CHARACTERISTIC_PE, True),
], ],

8
tests/test_rules.py
View File

@@ -15,7 +15,7 @@ import capa.engine
import capa.features.common import capa.features.common
from capa.features.file import FunctionName from capa.features.file import FunctionName
from capa.features.insn import Number, Offset from capa.features.insn import Number, Offset
from capa.features.common import ARCH_X32, ARCH_X64, OS_WINDOWS, FORMAT_PE, String, Characteristic from capa.features.common import ARCH_X32, ARCH_X64, CHARACTERISTIC_PE, CHARACTERISTIC_WINDOWS, OS_WINDOWS, FORMAT_PE, String, Characteristic
def test_rule_ctor(): def test_rule_ctor():
@@ -960,7 +960,8 @@ def test_os_features():
) )
r = capa.rules.Rule.from_yaml(rule) r = capa.rules.Rule.from_yaml(rule)
children = list(r.statement.get_children()) children = list(r.statement.get_children())
assert (Characteristic(OS_WINDOWS) in children) == True assert (CHARACTERISTIC_WINDOWS in children) == True
assert (CHARACTERISTIC_LINUX not in children) == True
def test_format_features(): def test_format_features():
@@ -977,4 +978,5 @@ def test_format_features():
) )
r = capa.rules.Rule.from_yaml(rule) r = capa.rules.Rule.from_yaml(rule)
children = list(r.statement.get_children()) children = list(r.statement.get_children())
assert (Characteristic(FORMAT_PE) in children) == True assert (CHARACTERISTIC_PE in children) == True
assert (CHARACTERISTIC_ELF not in children) == True