gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-12 15:49:46 -08:00
Code Issues Packages Projects Releases Wiki Activity

make Process model flexible and procmemory optional

Browse Source
This commit is contained in:
mr-tz
2024-12-03 13:00:37 +00:00
parent 201ec07b58
commit 959a234f0e
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -33,6 +33,7 @@
- binja: support loading raw x86/x86_64 shellcode #2489 @xusheng6
- binja: fix crash when the IL of certain functions are not available. #2249 @xusheng6
- binja: major performance improvement on the binja extractor. #1414 @xusheng6
- cape: make Process model flexible and procmemory optional to load newest reports #2466 @mr-tz
### capa Explorer Web

7
capa/features/extractors/cape/models.py
View File

@@ -297,7 +297,10 @@ class Call(ExactModel):
id: int
class Process(ExactModel):
# FlexibleModel to account for extended fields
# refs: https://github.com/mandiant/capa/issues/2466
# https://github.com/kevoreilly/CAPEv2/pull/2199
class Process(FlexibleModel):
process_id: int
process_name: str
parent_id: int
@@ -400,7 +403,7 @@ class CapeReport(FlexibleModel):
CAPE: Optional[Union[Cape, list]] = None
dropped: Optional[list[File]] = None
procdump: Optional[list[ProcessFile]] = None
procmemory: ListTODO
procmemory: Optional[ListTODO] = None
# =========================================================================
# information we won't use in capa