binexport: thunk computation fails for d1e6506964edbfffb08c0dd32e1486b11fbced7a4bd870ffe79f110298f0efb8

mandiant / capa

The FLARE team's open-source tool to identify capabilities in executable files.

https://mandiant.github.io/capa/

Apache License 2.0

4.91k stars 565 forks source link

binexport: thunk computation fails for d1e6506964edbfffb08c0dd32e1486b11fbced7a4bd870ffe79f110298f0efb8 #2105

Closed mike-hunhoff closed 6 months ago

mike-hunhoff commented 6 months ago

see original comment https://github.com/mandiant/capa/blob/b578c4d052e8899e82e06dd948c8e7395f391cec/capa/features/extractors/binexport2/__init__.py#L276

mike-hunhoff commented 6 months ago

@mr-tz this appears resolved in an upcoming Ghidra BinExport extension fix. Once released, I'll regenerate the BinExport in capa-testfiles and close this out.

mike-hunhoff commented 6 months ago

addressed in https://github.com/mandiant/capa-testfiles/commit/af559f6be154c4ed91f47000fdea208ab4eecf7e and https://github.com/mandiant/capa/commit/e7e786c0926165b4a45953ec12ab571c69246876