From 84d2f9f324e6017239ec10586eec4ccad90bb5c8 Mon Sep 17 00:00:00 2001 From: Michael Hunhoff Date: Tue, 8 Jun 2021 10:12:40 -0600 Subject: [PATCH] fix 616 --- CHANGELOG.md | 1 + capa/features/file.py | 1 + capa/ida/plugin/model.py | 4 ++-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e062554..ac937b94 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -107,6 +107,7 @@ It includes many new rules, including all new techniques introduced in MITRE ATT - build: use Python 3.8 for PyInstaller to support consistently running across multiple operating systems including Windows 7 #505 @mr-tz - main: correctly match BB-scope matches at file scope #605 @williballenthin +- explorer: add support for function-name feature #618 @mike-hunhoff ### Changes diff --git a/capa/features/file.py b/capa/features/file.py index 16413816..cd4f03f0 100644 --- a/capa/features/file.py +++ b/capa/features/file.py @@ -33,3 +33,4 @@ class FunctionName(Feature): def __init__(self, name, description=None): # value is function name super(FunctionName, self).__init__(name, description=description) + self.name = "function-name" diff --git a/capa/ida/plugin/model.py b/capa/ida/plugin/model.py index b9430e2d..fb8c9ceb 100644 --- a/capa/ida/plugin/model.py +++ b/capa/ida/plugin/model.py @@ -593,9 +593,9 @@ class CapaExplorerDataModel(QtCore.QAbstractItemModel): parent, display, location, '"%s"' % capa.features.escape_string(feature[feature["type"]]) ) - if feature["type"] in ("import", "export"): + if feature["type"] in ("import", "export", "function-name"): # display no preview - return CapaExplorerFeatureItem(parent, display=display) + return CapaExplorerFeatureItem(parent, location=location, display=display) raise RuntimeError("unexpected feature type: " + str(feature["type"]))