2 changes: 2 additions & 0 deletions CHANGELOG.md
Expand Up @@ -40,6 +40,7 @@
- main: suggest --os flag in unsupported OS error message to help users override ELF OS detection @devs6186 #2577
- render: escape sample-controlled strings before passing to Rich to prevent MarkupError @devs6186 #2699
- rules: handle empty or invalid YAML documents gracefully in `Rule.from_yaml` and `get_rules` @devs6186 #2900
- rules cache: invalidate stale cache format after `_RuleFeatureIndex` schema update to avoid runtime AttributeError in matching
- Fixed insecure deserialization vulnerability in YAML loading @0x1622 (#2770)
- loader: gracefully handle ELF files with unsupported architectures kamranulhaq2002@gmail.com #2800
- loader: handle SegmentationViolation for malformed ELF files @kami922 #2799
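Review bot: the new `rules cache:` entry is the only line in this block without an author handle and PR number; every neighbouring entry follows the `... @handle #NNNN` convention, so append them here as well (the PR number is not shown on this page, so I am not suggesting a value).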
Expand Down Expand Up @@ -67,6 +68,7 @@
### Development

- doc: document that default output shows top-level matches only; -v/-vv show nested matches @devs6186 #1410
- tests: skip `capa2sarif.py` script test when optional dependencies (`sarif_om`, `jschema_to_python`) are not installed
- doc: fix typo in usage.md, add documentation links to README @devs6186 #2274
- doc: add table comparing ways to consume capa output (CLI, IDA, Ghidra, dynamic sandbox, web) @devs6186 #2273
- binja: add mypy config for top-level binaryninja module to fix mypy issues @devs6186 #2399
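Review bot: the added `tests: skip ...` entry lacks the `@handle #NNNN` suffix that the surrounding Development entries carry; add it so the changelog stays consistent and the change remains traceable to its PR.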
4 changes: 2 additions & 2 deletions capa/rules/cache.py
Expand Up @@ -79,7 +79,7 @@ def get_cache_path(cache_dir: Path, id: CacheIdentifier) -> Path:


MAGIC = b"capa"
VERSION = b"\x00\x00\x00\x01"
VERSION = b"\x00\x00\x00\x02"


@dataclass
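Review bot: bumping `VERSION` from `\x00\x00\x00\x01` to `\x00\x00\x00\x02` is what actually retires caches written with the old `_RuleFeatureIndex` layout (assuming `RuleCache.load` compares this constant before unpickling, which is not visible in this hunk), but nothing next to the constant says when it has to change. A one-line comment such as `# bump whenever the pickled layout of RuleCache or any member (e.g. _RuleFeatureIndex) changes` would keep the next schema change from silently reintroducing the stale-cache AttributeError described in the changelog.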
Expand Down Expand Up @@ -159,7 +159,7 @@ def load_cached_ruleset(cache_dir: Path, rule_contents: list[bytes]) -> Optional

try:
cache = RuleCache.load(buf)
except AssertionError:
except (AssertionError, EOFError, pickle.UnpicklingError, zlib.error, AttributeError, TypeError, ValueError):
logger.debug("rule set cache is invalid: %s", path)
Comment on lines +162 to 163
Contributor


medium

While the broad exception handling is good for robustness, it would be beneficial for debugging to log the specific exception that was caught. This will help diagnose future cache corruption issues more easily.

Suggested change
except (AssertionError, EOFError, pickle.UnpicklingError, zlib.error, AttributeError, TypeError, ValueError):
logger.debug("rule set cache is invalid: %s", path)
except (AssertionError, EOFError, pickle.UnpicklingError, zlib.error, AttributeError, TypeError, ValueError) as e:
logger.debug("rule set cache is invalid: %s: %s", path, e)

# delete the cache that seems to be invalid.
path.unlink()
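Review bot: the widened `except` is a safety net rather than the fix itself: the `VERSION` bump is what stops an old-layout cache from loading, and catching `AttributeError`, `TypeError` and `ValueError` around `RuleCache.load` will also swallow genuine loader bugs and turn them into a silent cache rebuild. A regression test that writes a cache blob carrying the previous version bytes, then asserts that `load_cached_ruleset` returns `None` and that the file was unlinked, would pin the intended behaviour and catch a future loader bug that this handler would otherwise hide. Separately, since the cache is zlib-compressed pickle (per `pickle.UnpicklingError` and `zlib.error` in the tuple), broader exception handling does not make a tampered cache file safe to load; the cache directory must stay writable only by the user running capa.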
5 changes: 5 additions & 0 deletions tests/test_scripts.py
Expand Up @@ -18,13 +18,15 @@
import logging
import textwrap
import subprocess
import importlib.util
from pathlib import Path

import pytest

logger = logging.getLogger(__name__)

CD = Path(__file__).resolve().parent
HAS_CAPA2SARIF_DEPS = importlib.util.find_spec("sarif_om") is not None and importlib.util.find_spec("jschema_to_python") is not None
Contributor


medium

This line is a bit long and combines two separate checks. For better readability and to adhere to standard line length limits (like PEP 8's recommendation), consider breaking it into multiple lines.

Suggested change
HAS_CAPA2SARIF_DEPS = importlib.util.find_spec("sarif_om") is not None and importlib.util.find_spec("jschema_to_python") is not None
HAS_SARIF_OM = importlib.util.find_spec("sarif_om") is not None
HAS_JSCHEMA_TO_PYTHON = importlib.util.find_spec("jschema_to_python") is not None
HAS_CAPA2SARIF_DEPS = HAS_SARIF_OM and HAS_JSCHEMA_TO_PYTHON
References
  1. PEP 8, the style guide for Python code, recommends limiting lines to a maximum of 79 characters to improve readability. The current line exceeds this limit. (link)



def get_script_path(s: str):
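Review bot: `importlib.util.find_spec` only checks that a module can be located, not that it imports cleanly, so a broken or partial install of `sarif_om` or `jschema_to_python` would run the `capa2sarif.py` case and fail with an ImportError instead of skipping. If that matters for CI, compute `HAS_CAPA2SARIF_DEPS` by wrapping `importlib.import_module("sarif_om")` and `importlib.import_module("jschema_to_python")` in a `try`/`except ImportError` at module level instead; otherwise the current check is fine and only the line-length point already raised applies.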
Expand Down Expand Up @@ -66,6 +68,9 @@ def get_rule_path():
pytest.param(
"capa2sarif.py",
[Path(__file__).resolve().parent / "data" / "rd" / "Practical Malware Analysis Lab 01-01.dll_.json"],
marks=pytest.mark.skipif(
not HAS_CAPA2SARIF_DEPS, reason="capa2sarif.py requires optional deps: sarif_om and jschema_to_python"
),
),
# testing some variations of linter script
pytest.param("lint.py", ["-t", "create directory", get_rules_path()]),
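Review bot: the `skipif` marker is scoped to the single `capa2sarif.py` parameter, so the other script cases still run without the optional packages, which is the right granularity. Two small suggestions: add `id="capa2sarif"` to the `pytest.param(...)` so the skip shows up under a readable test id rather than the long JSON path, and have `reason` say how to install the two packages (the page does not show whether the project defines an extra for them, so I am not guessing its name).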