From 9d5ecadf958912918d7e3bbaa43c580b4af0188b Mon Sep 17 00:00:00 2001 From: Michael Hunhoff Date: Thu, 25 Jun 2020 13:22:07 -0600 Subject: [PATCH 1/2] adding support to display appropriate scope name in vverbose mode --- capa/main.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/capa/main.py b/capa/main.py index 662eebd0..33d91aac 100644 --- a/capa/main.py +++ b/capa/main.py @@ -374,7 +374,7 @@ def render_result(res, indent=''): render_result(children, indent=indent + ' ') -def render_capabilities_vverbose(results): +def render_capabilities_vverbose(ruleset, results): ''' print the matching rules, the functions in which they matched, and the logic tree with annotated matching features. @@ -392,8 +392,13 @@ def render_capabilities_vverbose(results): ''' for rule, ress in results.items(): print('rule %s:' % (rule)) - for (fva, res) in sorted(ress, key=lambda p: p[0]): - print(' - function 0x%x:' % (fva)) + for (va, res) in sorted(ress, key=lambda p: p[0]): + rule_scope = ruleset.rules[rule].scope + if rule_scope == capa.rules.FILE_SCOPE: + # does not make sense to display va at file scope + print(' - %s:' % rule_scope) + else: + print(' - %s 0x%x:' % (rule_scope, va)) render_result(res, indent=' ') @@ -722,7 +727,7 @@ def main(argv=None): logger.warning('-' * 80) if args.vverbose: - render_capabilities_vverbose(capabilities) + render_capabilities_vverbose(rules, capabilities) elif args.verbose: render_capabilities_verbose(capabilities) else: From e1f924ffd10172035a160ef9805ffa7829d792ab Mon Sep 17 00:00:00 2001 From: Michael Hunhoff Date: Thu, 25 Jun 2020 13:39:05 -0600 Subject: [PATCH 2/2] tweak verbose display to remove empty va addresses for file scope --- capa/main.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/capa/main.py b/capa/main.py index 093ebe6d..c9f21126 100644 --- a/capa/main.py +++ b/capa/main.py 
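Review bot: The docstring that follows the new `render_capabilities_vverbose(ruleset, results)` signature is unchanged: it still says the function prints "the functions in which they matched" and does not mention `ruleset`, while the new body in the next hunk labels each match with the rule's scope instead of a fixed `function` label. Suggest rewording the opening line to `print the matching rules, the scope and location at which they matched,` and adding a short line such as `ruleset: used to look up each rule's scope for the label.` The same omission applies to `render_capabilities_verbose` in the second patch, whose docstring still reads "print the matching rules, and the functions in which they matched." The remainder of the docstring and the function body lie outside this hunk.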
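Review bot: In the `@@ -392,8 +392,13 @@` hunk, `rule_scope = ruleset.rules[rule].scope` is evaluated on every iteration of the per-match loop even though it depends only on `rule`; move that line up to sit directly after `print('rule %s:' % (rule))` so the lookup and scope comparison happen once per rule rather than once per match. With the lookup hoisted, the file-scope branch could also be expressed once, since at file scope the loop currently prints an identical ` - file:` header for every entry in `ress` — presumably a single entry, but worth confirming. The enclosing function's signature is in the previous hunk, so only part of its body is visible here.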
@@ -305,7 +305,7 @@ def render_capabilities_concise(results): print(rule) -def render_capabilities_verbose(results): +def render_capabilities_verbose(ruleset, results): ''' print the matching rules, and the functions in which they matched. @@ -321,6 +321,11 @@ def render_capabilities_verbose(results): - 0x40105d ''' for rule, ress in results.items(): + rule_scope = ruleset.rules[rule].scope + if rule_scope == capa.rules.FILE_SCOPE: + # only display rule name at file scope + print('%s' % rule) + continue print('%s:' % (rule)) seen = set([]) for (fva, _) in sorted(ress, key=lambda p: p[0]): @@ -725,7 +730,7 @@ def main(argv=None): if args.vverbose: render_capabilities_vverbose(rules, capabilities) elif args.verbose: - render_capabilities_verbose(capabilities) + render_capabilities_verbose(rules, capabilities) else: render_capabilities_default(rules, capabilities)
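Review bot: In the `@@ -321,6 +321,11 @@` hunk, `print('%s' % rule)` in the new file-scope branch is an identity format; `print(rule)` expresses the same thing and matches the bare `print(rule)` used by `render_capabilities_concise` in the context above. The file-scope output of this renderer (rule name only) now differs in shape from the vverbose renderer of the first patch, which prints a ` - file:` line under the rule; if that asymmetry is intentional a one-line comment saying so, e.g. `# file-scope matches have no address, so the rule name is the whole entry`, would help the next reader. The rest of the loop body, which walks the match addresses, continues past the end of the hunk.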