add error handling to SymTab and its callers

capa/features/extractors/elf.py

@@ -722,7 +722,14 @@ class SymTab:
                 sh_symtab = Shdr.from_viv(section, ElfBinary.readAtOffset(section.sh_offset, section.sh_size))
                 sh_strtab = Shdr.from_viv(strtab_section, ElfBinary.readAtOffset(strtab_section.sh_offset, strtab_section.sh_size))
 
-        return cls(endian, bitness, sh_symtab, sh_strtab)
+        try:
+            return cls(endian, bitness, sh_symtab, sh_strtab)
+        except NameError:
+            return None
+        except:
+            # all exceptions that could be encountered by
+            # cls._parse() imply a faulty symbol's table.
+            raise CorruptElfFile("malformed symbol's table")
 
 
 def guess_os_from_osabi(elf: ELF) -> Optional[OS]:

capa/features/extractors/viv/function.py

@@ -35,17 +35,21 @@ def extract_function_symtab_names(fh: FunctionHandle) -> Iterator[Tuple[Feature,
         # the file's symbol table gets added to the metadata of the vivisect workspace.
         # this is in order to eliminate the computational overhead of refetching symtab each time.
         if "symtab" not in fh.ctx["cache"]:
-            fh.ctx["cache"]["symtab"] = SymTab.from_Elf(fh.inner.vw.parsedbin)
+            try:
+                fh.ctx["cache"]["symtab"] = SymTab.from_Elf(fh.inner.vw.parsedbin)
+            except:
+                fh.ctx["cache"]["symtab"] = None
 
         symtab = fh.ctx["cache"]["symtab"]
-        for symbol in symtab.get_symbols():
-            sym_name = symtab.get_name(symbol)
-            sym_value = symbol.value
-            sym_info = symbol.info
+        if symtab:
+            for symbol in symtab.get_symbols():
+                sym_name = symtab.get_name(symbol)
+                sym_value = symbol.value
+                sym_info = symbol.info
 
-            STT_FUNC = 0x2
-            if sym_value == fh.address and sym_info & STT_FUNC != 0:
-                yield FunctionName(sym_name), fh.address
+                STT_FUNC = 0x2
+                if sym_value == fh.address and sym_info & STT_FUNC != 0:
+                    yield FunctionName(sym_name), fh.address
 
 
 def extract_function_calls_to(fhandle: FunctionHandle) -> Iterator[Tuple[Feature, Address]]:

capa/features/extractors/viv/insn.py

@@ -115,17 +115,21 @@ def extract_insn_api_features(fh: FunctionHandle, bb, ih: InsnHandle) -> Iterato
             if "symtab" not in fh.ctx["cache"]:
                 # the symbol table gets stored as a function's attribute in order to avoid running
                 # this code everytime the call is made, thus preventing the computational overhead.
-                fh.ctx["cache"]["symtab"] = SymTab.from_Elf(f.vw.parsedbin)
+                try:
+                    fh.ctx["cache"]["symtab"] = SymTab.from_Elf(f.vw.parsedbin)
+                except:
+                    fh.ctx["cache"]["symtab"] = None
 
             symtab = fh.ctx["cache"]["symtab"]
-            for symbol in symtab.get_symbols():
-                sym_name = symtab.get_name(symbol)
-                sym_value = symbol.value
-                sym_info = symbol.info
+            if symtab:
+                for symbol in symtab.get_symbols():
+                    sym_name = symtab.get_name(symbol)
+                    sym_value = symbol.value
+                    sym_info = symbol.info
 
-                STT_FUNC = 0x2
-                if sym_value == target and sym_info & STT_FUNC != 0:
-                    yield API(sym_name), ih.address
+                    STT_FUNC = 0x2
+                    if sym_value == target and sym_info & STT_FUNC != 0:
+                        yield API(sym_name), ih.address
 
         if viv_utils.flirt.is_library_function(f.vw, target):
             name = viv_utils.get_function_name(f.vw, target)