diff --git a/capa/features/extractors/viv/extractor.py b/capa/features/extractors/viv/extractor.py index 6f3b5886..a99f9e75 100644 --- a/capa/features/extractors/viv/extractor.py +++ b/capa/features/extractors/viv/extractor.py @@ -24,19 +24,6 @@ from capa.features.extractors.base_extractor import BBHandle, InsnHandle, Functi logger = logging.getLogger(__name__) -class VivInstructionHandle: - """this acts like a vivisect.Opcode but with an __int__() method""" - - def __init__(self, inner): - self._inner = inner - - def __int__(self): - return self.va - - def __getattr__(self, name): - return getattr(self._inner, name) - - class VivisectFeatureExtractor(FeatureExtractor): def __init__(self, vw, path): super(VivisectFeatureExtractor, self).__init__() diff --git a/capa/features/extractors/viv/indirect_calls.py b/capa/features/extractors/viv/indirect_calls.py index 9362b408..c433bab4 100644 --- a/capa/features/extractors/viv/indirect_calls.py +++ b/capa/features/extractors/viv/indirect_calls.py @@ -15,8 +15,6 @@ import envi.archs.i386.disasm import envi.archs.amd64.disasm from vivisect import VivWorkspace -from capa.features.extractors.viv.extractor import VivInstructionHandle - # pull out consts for lookup performance i386RegOper = envi.archs.i386.disasm.i386RegOper i386ImmOper = envi.archs.i386.disasm.i386ImmOper @@ -134,16 +132,14 @@ def find_definition(vw: VivWorkspace, va: int, reg: int) -> Tuple[int, Union[int raise NotFoundError() -def is_indirect_call(vw: VivWorkspace, va: int, insn: Optional["VivInstructionHandle"] = None) -> bool: +def is_indirect_call(vw: VivWorkspace, va: int, insn: envi.Opcode) -> bool: if insn is None: insn = vw.parseOpcode(va) return insn.mnem in ("call", "jmp") and isinstance(insn.opers[0], envi.archs.i386.disasm.i386RegOper) -def resolve_indirect_call( - vw: VivWorkspace, va: int, insn: Optional["VivInstructionHandle"] = None -) -> Tuple[int, Optional[int]]: +def resolve_indirect_call(vw: VivWorkspace, va: int, insn: envi.Opcode) -> Tuple[int, Optional[int]]: """ inspect the given indirect call instruction and attempt to resolve the target address.