rules: fix bug in string counting

closes #241
2025-12-23 07:28:34 -08:00 · 2020-08-16 21:38:13 -06:00
parent b084f7cb9b
commit d3dad3a66a
2 changed files with 18 additions and 1 deletions
--- a/tests/test_rules.py
+++ b/tests/test_rules.py
@@ -162,6 +162,23 @@ def test_rule_yaml_count_range():
    assert r.evaluate({Number(100): {1, 2, 3}}) == False


+def test_rule_yaml_count_string():
+    rule = textwrap.dedent(
+        """
+        rule:
+            meta:
+                name: test rule
+            features:
+                - count(string(foo)): 2
+        """
+    )
+    r = capa.rules.Rule.from_yaml(rule)
+    assert r.evaluate({String("foo"): {}}) == False
+    assert r.evaluate({String("foo"): {1}}) == False
+    assert r.evaluate({String("foo"): {1, 2}}) == True
+    assert r.evaluate({String("foo"): {1, 2, 3}}) == False
+
+
 def test_invalid_rule_feature():
    with pytest.raises(capa.rules.InvalidRule):
        capa.rules.Rule.from_yaml(