gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-03 16:27:58 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix bug in bytes feture rendering

Browse Source
This commit is contained in:
Michael Hunhoff
2020-07-01 08:47:43 -06:00
parent 4d1449e3fa
commit ccdbd43cda
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
capa/render/utils.py
View File

@@ -17,6 +17,11 @@ def hex(n):
return '0x%X' % n
def hex_string(h):
""" render hex string e.g. "0a40b1" as "0A 40 B1" """
return ' '.join(h[i:i + 2] for i in range(0, len(h), 2)).upper()
def capability_rules(doc):
"""enumerate the rules in (namespace, name) order that are 'capability' rules (not lib/subscope/disposition/etc)."""
for (_, _, rule) in sorted(map(lambda rule: (rule['meta'].get('namespace', ''), rule['meta']['name'], rule), doc.values())):

9
capa/render/vverbose.py
View File

@@ -22,10 +22,12 @@ def render_statement(ostream, statement, indent=0):
# so, we have to inline some of the feature rendering here.
child = statement['child']
if child['type'] in ('string', 'bytes', 'api', 'mnemonic', 'basic block', 'export', 'import', 'section', 'match'):
if child['type'] in ('string', 'api', 'mnemonic', 'basic block', 'export', 'import', 'section', 'match'):
feature = '%s(%s)' % (child['type'], rutils.bold2(child[child['type']]))
elif child['type'] in ('number', 'offset'):
feature = '%s(%s)' % (child['type'], rutils.bold2(rutils.hex(child[child['type']])))
elif child['type'] == 'bytes':
feature = '%s(%s)' % (child['type'], rutils.bold2(rutils.hex_string(child[child['type']])))
elif child['type'] == 'characteristic':
feature = 'characteristic(%s)' % (rutils.bold2(child['characteristic'][0]))
else:
@@ -68,10 +70,7 @@ def render_feature(ostream, match, feature, indent=0):
ostream.write('bytes: ')
# bytes is the uppercase, hex-encoded string.
# it should always be an even number of characters (its hex).
bytes = feature['bytes']
for i in range(len(bytes) // 2):
ostream.write(rutils.bold2(bytes[i:i + 2]))
ostream.write(' ')
ostream.write(rutils.bold2(rutils.hex_string(feature[feature['type']])))
elif feature['type'] == 'characteristic':
ostream.write('characteristic(%s)' % (rutils.bold2(feature['characteristic'][0])))
# note that regex is found in `render_statement`