gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

ida/plugin/form.py: replace usage of '==' with usage of 'in' operator

Browse Source
This commit is contained in:
Yacine Elhamer
2023-07-12 15:36:28 +01:00
parent 34d3d6c1f9
commit 17030395c6
1 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
capa/ida/plugin/form.py
View File

@@ -1192,10 +1192,15 @@ class CapaExplorerForm(idaapi.PluginForm):
return
is_match: bool = False
if self.rulegen_current_function is not None and rule.scopes in (
capa.rules.Scope.FUNCTION,
capa.rules.Scope.BASIC_BLOCK,
capa.rules.Scope.INSTRUCTION,
if self.rulegen_current_function is not None and any(
[
s in rule.scopes
for s in (
capa.rules.Scope.FUNCTION,
capa.rules.Scope.BASIC_BLOCK,
capa.rules.Scope.INSTRUCTION,
)
]
):
try:
_, func_matches, bb_matches, insn_matches = self.rulegen_feature_cache.find_code_capabilities(
@@ -1205,13 +1210,13 @@ class CapaExplorerForm(idaapi.PluginForm):
self.set_rulegen_status(f"Failed to create function rule matches from rule set ({e})")
return
if rule.scopes == capa.rules.Scope.FUNCTION and rule.name in func_matches.keys():
if capa.rules.Scope.FUNCTION in rule.scopes and rule.name in func_matches.keys():
is_match = True
elif rule.scopes == capa.rules.Scope.BASIC_BLOCK and rule.name in bb_matches.keys():
elif capa.rules.Scope.BASIC_BLOCK in rules.scopes and rule.name in bb_matches.keys():
is_match = True
elif rule.scopes == capa.rules.Scope.INSTRUCTION and rule.name in insn_matches.keys():
elif capa.rules.Scope.INSTRUCTION in rules.scopes and rule.name in insn_matches.keys():
is_match = True
elif rule.scopes == capa.rules.Scope.FILE:
elif capa.rules.Scope.FILE in rules.scopes:
try:
_, file_matches = self.rulegen_feature_cache.find_file_capabilities(ruleset)
except Exception as e: