Merge branch 'mandiant:master' into Aayush-Goel-04/Issue#1451

2025-12-12 15:49:46 -08:00 · 2023-05-04 19:20:13 +05:30
parent 1c558a203d 8d2a186b1a
commit b32ab87bb7
3 changed files with 54 additions and 22 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -108,23 +108,23 @@ jobs:
    steps:
    - name: Checkout capa with submodules
      # do only run if BN_SERIAL is available, have to do this in every step, see https://github.com/orgs/community/discussions/26726#discussioncomment-3253118
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
      with:
        submodules: recursive
    - name: Set up Python ${{ matrix.python-version }}
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0
      with:
        python-version: ${{ matrix.python-version }}
    - name: Install pyyaml
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      run: sudo apt-get install -y libyaml-dev
    - name: Install capa
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      run: pip install -e .[dev]
    - name: install Binary Ninja
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      run: |
        mkdir ./.github/binja
        curl "https://raw.githubusercontent.com/Vector35/binaryninja-api/6812c97/scripts/download_headless.py" -o ./.github/binja/download_headless.py
@@ -132,7 +132,7 @@ jobs:
        unzip .github/binja/BinaryNinja-headless.zip -d .github/binja/
        python .github/binja/binaryninja/scripts/install_api.py --install-on-root --silent
    - name: Run tests
-      if: ${{ env.BN_SERIAL }} != ""
+      if: ${{ env.BN_SERIAL != 0 }}
      env:
        BN_LICENSE: ${{ secrets.BN_LICENSE }}
      run: pytest -v tests/test_binja_features.py  # explicitly refer to the binja tests for performance. other tests run above.
--- a/capa/features/extractors/elf.py
+++ b/capa/features/extractors/elf.py
@@ -854,28 +854,60 @@ def detect_elf_os(f) -> str:
    """
    f: type Union[BinaryIO, IDAIO]
    """
-    elf = ELF(f)
+    try:
+        elf = ELF(f)
+    except Exception as e:
+        logger.warning("Error parsing ELF file: %s", e)
+        return "unknown"

-    osabi_guess = guess_os_from_osabi(elf)
-    logger.debug("guess: osabi: %s", osabi_guess)
+    try:
+        osabi_guess = guess_os_from_osabi(elf)
+        logger.debug("guess: osabi: %s", osabi_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from OSABI: %s", e)
+        osabi_guess = None

-    ph_notes_guess = guess_os_from_ph_notes(elf)
-    logger.debug("guess: ph notes: %s", ph_notes_guess)
+    try:
+        ph_notes_guess = guess_os_from_ph_notes(elf)
+        logger.debug("guess: ph notes: %s", ph_notes_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from program header notes: %s", e)
+        ph_notes_guess = None

-    sh_notes_guess = guess_os_from_sh_notes(elf)
-    logger.debug("guess: sh notes: %s", sh_notes_guess)
+    try:
+        sh_notes_guess = guess_os_from_sh_notes(elf)
+        logger.debug("guess: sh notes: %s", sh_notes_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from section header notes: %s", e)
+        sh_notes_guess = None

-    linker_guess = guess_os_from_linker(elf)
-    logger.debug("guess: linker: %s", linker_guess)
+    try:
+        linker_guess = guess_os_from_linker(elf)
+        logger.debug("guess: linker: %s", linker_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from linker: %s", e)
+        linker_guess = None

-    abi_versions_needed_guess = guess_os_from_abi_versions_needed(elf)
-    logger.debug("guess: ABI versions needed: %s", abi_versions_needed_guess)
+    try:
+        abi_versions_needed_guess = guess_os_from_abi_versions_needed(elf)
+        logger.debug("guess: ABI versions needed: %s", abi_versions_needed_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from ABI versions needed: %s", e)
+        abi_versions_needed_guess = None

-    needed_dependencies_guess = guess_os_from_needed_dependencies(elf)
-    logger.debug("guess: needed dependencies: %s", needed_dependencies_guess)
+    try:
+        needed_dependencies_guess = guess_os_from_needed_dependencies(elf)
+        logger.debug("guess: needed dependencies: %s", needed_dependencies_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from needed dependencies: %s", e)
+        needed_dependencies_guess = None

-    symtab_guess = guess_os_from_symtab(elf)
-    logger.debug("guess: pertinent symbol name: %s", symtab_guess)
+    try:
+        symtab_guess = guess_os_from_symtab(elf)
+        logger.debug("guess: pertinent symbol name: %s", symtab_guess)
+    except Exception as e:
+        logger.warning("Error guessing OS from symbol table: %s", e)
+        symtab_guess = None

    ret = None

--- a/2
+++ b/2