gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 11:07:53 -08:00
Code Issues Packages Projects Releases Wiki Activity

rules/__init__.py: invalidate rules with no scopes field

Browse Source
This commit is contained in:
Yacine Elhamer
2023-08-01 07:19:11 +01:00
parent b8212b3da7
commit f0d09899a1
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
capa/rules/__init__.py
View File

@@ -884,7 +884,12 @@ class Rule:
# this is probably the mode that rule authors will start with.
# each rule has two scopes, a static-flavor scope, and a
# dynamic-flavor one. which one is used depends on the analysis type.
scopes_ = meta.get("scopes", {"static": "function", "dynamic": "process"})
if "scope" in meta:
raise InvalidRule("rule is in legacy mode (has scope meta field). please update to the new syntax.")
elif "scopes" in meta:
scopes_ = meta.get("scopes")
else:
raise InvalidRule("please specify at least one of this rule's (static/dynamic) scopes")
if not isinstance(scopes_, dict):
raise InvalidRule("the scopes field must contain a dictionary specifying the scopes")