Merge pull request #660 from fireeye/ci/test-scripts

test scripts and fix show-features
2025-12-05 20:40:05 -08:00 · 2021-06-29 21:46:43 +02:00
parent f7e4273523 6860b9a040
commit b5f23e7baf
5 changed files with 79 additions and 5 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -6,6 +6,10 @@ on:
  pull_request:
    branches: [ master ]

+# save workspaces to speed up testing
+env:
+  CAPA_SAVE_WORKSPACE: "True"
+
 jobs:
  changelog_format:
    runs-on: ubuntu-20.04
@@ -39,7 +43,7 @@ jobs:
  rule_linter:
    runs-on: ubuntu-20.04
    steps:
-    - name: Checkout capa with rules submodule
+    - name: Checkout capa with submodules
      uses: actions/checkout@v2
      with:
        submodules: true
@@ -83,4 +87,4 @@ jobs:
    - name: Install capa
      run: pip install -e .[dev]
    - name: Run tests
-      run: pytest tests/
+      run: pytest -v tests/
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -146,7 +146,8 @@ It includes many new rules, including all new techniques introduced in MITRE ATT
 - ci, changelog: update `New Rules` section in CHANGELOG automatically https://github.com/fireeye/capa-rules/pull/374 #549 #604 @Ana06
 - ci, changelog: support multiple author in sync GH https://github.com/fireeye/capa-rules/pull/378 @Ana06
 - ci, lint: check statements for single child statements #563 @mr-tz
- ci: reject PRs without CHANGELOG update to ensure CHANGELOG is kept up-to-date. #584 @Ana06
+- ci: reject PRs without CHANGELOG update to ensure CHANGELOG is kept up-to-date #584 @Ana06
+- ci: test that scripts run #660 @mr-tz

 ### Raw diffs

--- a/capa/main.py
+++ b/capa/main.py
@@ -433,7 +433,7 @@ class UnsupportedRuntimeError(RuntimeError):


 def get_extractor(
-    path: str, format: str, backend: str, sigpaths: List[str], should_save_workspace, disable_progress=False
+    path: str, format: str, backend: str, sigpaths: List[str], should_save_workspace=False, disable_progress=False
 ) -> FeatureExtractor:
    """
    raises:
--- a/scripts/show-features.py
+++ b/scripts/show-features.py
@@ -64,6 +64,7 @@ Example::
    insn: 0x10001027: mnemonic(shl)
    ...
 """
+import os
 import sys
 import logging
 import os.path
@@ -106,8 +107,11 @@ def main(argv=None):
        with open(args.sample, "rb") as f:
            extractor = capa.features.freeze.load(f.read())
    else:
+        should_save_workspace = os.environ.get("CAPA_SAVE_WORKSPACE") not in ("0", "no", "NO", "n", None)
        try:
-            extractor = capa.main.get_extractor(args.sample, args.format, capa.main.BACKEND_VIV, sigpaths=sig_paths)
+            extractor = capa.main.get_extractor(
+                args.sample, args.format, capa.main.BACKEND_VIV, sig_paths, should_save_workspace
+            )
        except capa.main.UnsupportedFormatError:
            logger.error("-" * 80)
            logger.error(" Input file does not appear to be a PE file.")
--- a/tests/test_scripts.py
+++ b/tests/test_scripts.py
@@ -0,0 +1,65 @@
+# Copyright (C) 2020 FireEye, Inc. All Rights Reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at: [package root]/LICENSE.txt
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+#  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and limitations under the License.
+
+import os
+import sys
+import subprocess
+
+import pytest
+
+CD = os.path.dirname(__file__)
+
+
+def get_script_path(s):
+    return os.path.join(CD, "..", "scripts", s)
+
+
+def get_file_path():
+    return os.path.join(CD, "data", "9324d1a8ae37a36ae560c37448c9705a.exe_")
+
+
+def get_rules_path():
+    return os.path.join(CD, "..", "rules")
+
+
+def get_rule_path():
+    return os.path.join(get_rules_path(), "lib", "allocate-memory.yml")
+
+
+@pytest.mark.parametrize(
+    "script,args",
+    [
+        pytest.param("capa2yara.py", [get_rules_path()]),
+        pytest.param("capafmt.py", [get_rule_path()]),
+        # not testing lint.py as it runs regularly anyway
+        pytest.param("match-function-id.py", [get_file_path()]),
+        pytest.param("show-capabilities-by-function.py", [get_file_path()]),
+        pytest.param("show-features.py", [get_file_path()]),
+        pytest.param("show-features.py", ["-F", "0x407970", get_file_path()]),
+    ],
+)
+def test_scripts(script, args):
+    script_path = get_script_path(script)
+    p = run_program(script_path, args)
+    assert p.returncode == 0
+
+
+def test_bulk_process(tmpdir):
+    # create test directory to recursively analyze
+    t = tmpdir.mkdir("test")
+    with open(os.path.join(CD, "data", "ping_täst.exe_"), "rb") as f:
+        t.join("test.exe_").write_binary(f.read())
+
+    p = run_program(get_script_path("bulk-process.py"), [t.dirname])
+    assert p.returncode == 0
+
+
+def run_program(script_path, args):
+    args = [sys.executable] + [script_path] + args
+    print("running: '%s'" % args)
+    return subprocess.run(args)