From a35f5a16507ca14f4d25254db1dd35c6d3a31bfa Mon Sep 17 00:00:00 2001
From: William Ballenthin <william.ballenthin@fireeye.com>
Date: Wed, 18 Aug 2021 14:21:50 -0600
Subject: [PATCH] elf: detect FreeBSD via note

---
 capa/features/extractors/elf.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/capa/features/extractors/elf.py b/capa/features/extractors/elf.py
index f11bd642..ae8886cd 100644
--- a/capa/features/extractors/elf.py
+++ b/capa/features/extractors/elf.py
@@ -188,6 +188,9 @@ def detect_elf_os(f: BinaryIO) -> str:
         elif name == "NetBSD":
             logger.debug("note owner: %s", "NETBSD")
             ret = OS.NETBSD if not ret else ret
+        elif name == "FreeBSD":
+            logger.debug("note owner: %s", "FREEBSD")
+            ret = OS.FREEBSD if not ret else ret
 
     for i in range(e_phnum):
         offset = i * e_phentsize