gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-22 07:10:29 -08:00
Code Issues Packages Projects Releases Wiki Activity

linter: skip native API check for more UEFI routines

Browse Source
This commit is contained in:
Willi Ballenthin
2023-08-02 12:54:03 +00:00
parent b2789f0df6
commit a538a7bbab
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scripts/lint.py
View File

@@ -571,6 +571,8 @@ class FeatureNtdllNtoskrnlApi(Lint):
"RtlCreateUserProcess", "RtlCreateUserProcess",
"NtProtectVirtualMemory", "NtProtectVirtualMemory",
"NtEnumerateSystemEnvironmentValuesEx", "NtEnumerateSystemEnvironmentValuesEx",
"NtQuerySystemEnvironmentValueEx",
"NtQuerySystemEnvironmentValue",
): ):
# ntoskrnl.exe does not export these routines # ntoskrnl.exe does not export these routines
continue continue
@@ -581,6 +583,7 @@ class FeatureNtdllNtoskrnlApi(Lint):
"KeStackAttachProcess", "KeStackAttachProcess",
"ObfDereferenceObject", "ObfDereferenceObject",
"KeUnstackDetachProcess", "KeUnstackDetachProcess",
"ExGetFirmwareEnvironmentVariable",
): ):
# ntdll.dll does not export these routines # ntdll.dll does not export these routines
continue continue