gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 11:07:53 -08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1844 from mandiant/mr-tz-patch-1

Browse Source 
fix whitespace removal in format check
This commit is contained in:
Moritz
2023-11-11 19:53:44 +01:00
committed by GitHub
parent 0097822e51 41a397661f
commit dee0aa73eb
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
capa/features/extractors/common.py
View File

@@ -65,7 +65,7 @@ def extract_format(buf) -> Iterator[Tuple[Feature, Address]]:
yield Format(FORMAT_FREEZE), NO_ADDRESS
elif buf.startswith(MATCH_RESULT):
yield Format(FORMAT_RESULT), NO_ADDRESS
elif re.sub(rb"\w", b"", buf[:20]).startswith(MATCH_JSON_OBJECT):
elif re.sub(rb"\s", b"", buf[:20]).startswith(MATCH_JSON_OBJECT):
# potential start of JSON object data without whitespace
# we don't know what it is exactly, but may support it (e.g. a dynamic CAPE sandbox report)
# skip verdict here and let subsequent code analyze this further