gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

tests: register common FLIRT sigs

Browse Source 
closes #538
This commit is contained in:
William Ballenthin
2021-05-01 08:06:56 -06:00
parent e8c807b993
commit 8f0ce11ff6
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/fixtures.py
View File

@@ -72,15 +72,20 @@ def xfail(condition, reason=None):
def get_viv_extractor(path):
import capa.features.extractors.viv
aulldiv_pat = os.path.join(CD, "..", "sigs", "test_aulldiv.pat")
aullrem_pat = os.path.join(CD, "..", "sigs", "test_aullrem.pat.gz")
sigpaths = [
os.path.join(CD, "..", "sigs", "test_aulldiv.pat"),
os.path.join(CD, "..", "sigs", "test_aullrem.pat.gz"),
os.path.join(CD, "..", "sigs", "flare_common_libs.sig"),
os.path.join(CD, "..", "sigs", "flare_msvc_atlmfc_32_64.sig"),
os.path.join(CD, "..", "sigs", "flare_msvc_rtf_32_64.sig"),
]
if "raw32" in path:
vw = capa.main.get_workspace(path, "sc32", sigpaths=[aulldiv_pat, aullrem_pat])
vw = capa.main.get_workspace(path, "sc32", sigpaths=sigpaths)
elif "raw64" in path:
vw = capa.main.get_workspace(path, "sc64", sigpaths=[aulldiv_pat, aullrem_pat])
vw = capa.main.get_workspace(path, "sc64", sigpaths=sigpaths)
else:
vw = capa.main.get_workspace(path, "auto", sigpaths=[aulldiv_pat, aullrem_pat])
vw = capa.main.get_workspace(path, "auto", sigpaths=sigpaths)
extractor = capa.features.extractors.viv.VivisectFeatureExtractor(vw, path)
fixup_viv(path, extractor)
return extractor