gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #918 from mandiant/fix/911

Browse Source 
fixes #911
This commit is contained in:
Mike Hunhoff
2022-03-21 15:33:45 -06:00
committed by GitHub
parent 1b2f0fc85d fe87838dbe
commit 6d2ec59653
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -14,6 +14,7 @@
### Bug Fixes
### capa explorer IDA Pro plugin
- improve file format extraction #918 @mike-hunhoff
### Development

13
capa/features/extractors/ida/file.py
View File

@@ -155,16 +155,17 @@ def extract_file_function_names():
def extract_file_format():
format_name = ida_loader.get_file_type_name()
file_info = idaapi.get_inf_structure()
if "PE" in format_name:
if file_info.filetype == idaapi.f_PE:
yield Format(FORMAT_PE), 0x0
elif "ELF64" in format_name:
yield Format(FORMAT_ELF), 0x0
elif "ELF32" in format_name:
elif file_info.filetype == idaapi.f_ELF:
yield Format(FORMAT_ELF), 0x0
elif file_info.filetype == idaapi.f_BIN:
# no file type to return when processing a binary file, but we want to continue processing
return
else:
raise NotImplementedError("file format: %s", format_name)
raise NotImplementedError("file format: %d" % file_info.filetype)
def extract_features():