fixes 249

2026-01-10 04:05:32 -08:00 · 2020-08-26 16:31:07 -06:00
parent 8be1c84fd2
commit dc8870861b
2 changed files with 31 additions and 1 deletions
--- a/tests/test_rules.py
+++ b/tests/test_rules.py
@@ -483,6 +483,21 @@ def test_number_arch():
    assert r.evaluate({Number(2, arch=ARCH_X64): {1}}) == False


+def test_number_arch_symbol():
+    r = capa.rules.Rule.from_yaml(
+        textwrap.dedent(
+            """
+            rule:
+                meta:
+                    name: test rule
+                features:
+                    - number/x32: 2 = some constant
+            """
+        )
+    )
+    assert r.evaluate({Number(2, arch=ARCH_X32, description="some constant"): {1}}) == True
+
+
 def test_offset_symbol():
    rule = textwrap.dedent(
        """
@@ -546,6 +561,21 @@ def test_offset_arch():
    assert r.evaluate({Offset(2, arch=ARCH_X64): {1}}) == False


+def test_offset_arch_symbol():
+    r = capa.rules.Rule.from_yaml(
+        textwrap.dedent(
+            """
+            rule:
+                meta:
+                    name: test rule
+                features:
+                    - offset/x32: 2 = some constant
+            """
+        )
+    )
+    assert r.evaluate({Offset(2, arch=ARCH_X32, description="some constant"): {1}}) == True
+
+
 def test_invalid_offset():
    with pytest.raises(capa.rules.InvalidRule):
        r = capa.rules.Rule.from_yaml(