fix: elf_analysis fixes for new lief version

fkie-cad · Dec 3, 2024 · 700a7d4 · 700a7d4
1 parent afec839
commit 700a7d4
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/src/plugins/analysis/elf_analysis/code/elf_analysis.py b/src/plugins/analysis/elf_analysis/code/elf_analysis.py
@@ -7,6 +7,7 @@
 from typing import TYPE_CHECKING, Iterable, List, Optional
 
 import lief
+from lief.ELF import Section
 from pydantic import BaseModel
 from semver import Version
 
@@ -118,6 +119,8 @@ def analyze(self, file_handle: FileIO, virtual_file_path: str, analyses: dict) -
         del virtual_file_path, analyses
         elf = lief.parse(file_handle.name)
         json_dict = json.loads(lief.to_json(elf))
+        # for whatever reason, the machine types are all in caps in the new version of lief
+        json_dict['header']['machine_type'] = json_dict['header']['machine_type'].lower()
         _convert_flags(json_dict)
         return self.Schema(
             header=ElfHeader.model_validate(json_dict['header']),
@@ -227,7 +230,7 @@ def _get_active_flags(flags_value: int, flag_dict: dict[str, int]) -> list[str]:
 
 
 def _get_note_sections_content(elf: lief.ELF) -> Iterable[InfoSectionData]:
-    for section in elf.sections:  # type: lief.ELF.Section
-        if section.type == lief.ELF.SECTION_TYPES.NOTE:
+    for section in elf.sections:  # type: Section
+        if section.type == Section.TYPE.NOTE:
             readable_content = bytes([c for c in section.content.tobytes() if c in PRINTABLE_BYTES])
             yield InfoSectionData(name=section.name, contents=readable_content.decode())