Closed xusheng6 closed 1 year ago
Except this case it works for me!
I will submit a PR for this later
hm, how come our CI tests didn't catch this?
ah, because this code path is only encountered in standalone mode:
we should also create a test that invokes standalone capa.exe with the binja backend to show that it works in CI.
Just tried the fresh 5.1.0 release, and notice it does not work if the system Python version is 3.11. The problem is with the binja installation path detector. The offending line is https://github.com/mandiant/capa/blob/master/capa/features/extractors/binja/find_binja_api.py#L18-L19.
In Python 3.11, the importlib module seems to have changed, and we cannot access
importlib.util
in the old way:Simply changing it to sth like this would work: