From 2c93c5fc83d24b6089f8e2d18b5244cba3582667 Mon Sep 17 00:00:00 2001 From: Moritz Date: Thu, 1 Feb 2024 11:33:16 +0100 Subject: [PATCH] lint: get backend from format (#1964) * get backend from format * add lint.py script test * create FakeArgs object * adjust EOL handling in lints --------- Co-authored-by: Willi Ballenthin --- scripts/lint.py | 33 +++++++++------------------------ tests/test_scripts.py | 5 ++++- 2 files changed, 13 insertions(+), 25 deletions(-) diff --git a/scripts/lint.py b/scripts/lint.py index b63c53463..73bb0efff 100644 --- a/scripts/lint.py +++ b/scripts/lint.py @@ -356,19 +356,17 @@ def get_sample_capabilities(ctx: Context, path: Path) -> Set[str]: logger.debug("found cached results: %s: %d capabilities", nice_path, len(ctx.capabilities_by_sample[path])) return ctx.capabilities_by_sample[path] - if nice_path.name.endswith(capa.helpers.EXTENSIONS_SHELLCODE_32): - format_ = "sc32" - elif nice_path.name.endswith(capa.helpers.EXTENSIONS_SHELLCODE_64): - format_ = "sc64" - else: - format_ = capa.helpers.get_auto_format(nice_path) - logger.debug("analyzing sample: %s", nice_path) + + args = argparse.Namespace(input_file=nice_path, format=capa.main.FORMAT_AUTO, backend=capa.main.BACKEND_AUTO) + format_ = capa.main.get_input_format_from_cli(args) + backend = capa.main.get_backend_from_cli(args, format_) + extractor = capa.loader.get_extractor( nice_path, format_, OS_AUTO, - capa.main.BACKEND_VIV, + backend, DEFAULT_SIGNATURES, should_save_workspace=False, disable_progress=True, @@ -656,16 +654,6 @@ def check_features(self, ctx: Context, features: List[Feature]): return False -class FormatLineFeedEOL(Lint): - name = "line(s) end with CRLF (\\r\\n)" - recommendation = "convert line endings to LF (\\n) for example using dos2unix" - - def check_rule(self, ctx: Context, rule: Rule): - if len(rule.definition.split("\r\n")) > 0: - return False - return True - - class FormatSingleEmptyLineEOF(Lint): name = "EOF format" recommendation = "end file with a single empty line" @@ -681,16 +669,14 @@ class FormatIncorrect(Lint): recommendation_template = "use scripts/capafmt.py or adjust as follows\n{:s}" def check_rule(self, ctx: Context, rule: Rule): - actual = rule.definition + # EOL depends on Git and our .gitattributes defines text=auto (Git handles files it thinks is best) + # we prefer LF only, but enforcing across OSs seems tedious and unnecessary + actual = rule.definition.replace("\r\n", "\n") expected = capa.rules.Rule.from_yaml(rule.definition, use_ruamel=True).to_yaml() if actual != expected: diff = difflib.ndiff(actual.splitlines(1), expected.splitlines(True)) recommendation_template = self.recommendation_template - if "\r\n" in actual: - recommendation_template = ( - self.recommendation_template + "\nplease make sure that the file uses LF (\\n) line endings only" - ) self.recommendation = recommendation_template.format("".join(diff)) return True @@ -804,7 +790,6 @@ def lint_features(ctx: Context, rule: Rule): FORMAT_LINTS = ( - FormatLineFeedEOL(), FormatSingleEmptyLineEOF(), FormatStringQuotesIncorrect(), FormatIncorrect(), diff --git a/tests/test_scripts.py b/tests/test_scripts.py index e8ed6c379..0075f5600 100644 --- a/tests/test_scripts.py +++ b/tests/test_scripts.py @@ -40,7 +40,10 @@ def get_rule_path(): [ pytest.param("capa2yara.py", [get_rules_path()]), pytest.param("capafmt.py", [get_rule_path()]), - # not testing lint.py as it runs regularly anyway + # testing some variations of linter script + pytest.param("lint.py", ["-t", "create directory", get_rules_path()]), + # `create directory` rule has native and .NET example PEs + pytest.param("lint.py", ["--thorough", "-t", "create directory", get_rules_path()]), pytest.param("match-function-id.py", [get_file_path()]), pytest.param("show-capabilities-by-function.py", [get_file_path()]), pytest.param("show-features.py", [get_file_path()]),