Merge branch 'master' into feat/dynamic-sequence-scope

mandiant · Dec 13, 2024 · 269a2e0 · 269a2e0
2 parents f2a63ed + 1a82b9d
commit 269a2e0
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -21,8 +21,20 @@
 ### Development
 
 ### Raw diffs
-- [capa v8.0.0...master](https://github.com/mandiant/capa/compare/v8.0.0...master)
-- [capa-rules v8.0.0...master](https://github.com/mandiant/capa-rules/compare/v8.0.0...master)
+- [capa v8.0.1...master](https://github.com/mandiant/capa/compare/v8.0.1...master)
+- [capa-rules v8.0.1...master](https://github.com/mandiant/capa-rules/compare/v8.0.1...master)
+
+## v8.0.1
+
+This point release fixes an issue with the IDAPython API to now handle IDA Pro 8.3, 8.4, and 9.0 correctly.
+
+### Bug Fixes
+
+- handle IDA 8.3/8.4 vs. 9.0 API change @mr-tz
+
+### Raw diffs
+- [capa v8.0.0...v8.0.1](https://github.com/mandiant/capa/compare/v8.0.0...v8.0.1)
+- [capa-rules v8.0.0...v8.0.1](https://github.com/mandiant/capa-rules/compare/v8.0.0...v8.0.1)
 
 ## v8.0.0
 

diff --git a/capa/features/extractors/ida/helpers.py b/capa/features/extractors/ida/helpers.py
@@ -41,7 +41,15 @@ def find_byte_sequence(start: int, end: int, seq: bytes) -> Iterator[int]:
             return
 
         while True:
-            ea, _ = ida_bytes.bin_search(start, end, patterns, ida_bytes.BIN_SEARCH_FORWARD)
+            ea = ida_bytes.bin_search(start, end, patterns, ida_bytes.BIN_SEARCH_FORWARD)
+            if isinstance(ea, int):
+                # "ea_t" in IDA 8.4, 8.3
+                pass
+            elif isinstance(ea, tuple):
+                # "drc_t" in IDA 9
+                ea = ea[0]
+            else:
+                raise NotImplementedError(f"bin_search returned unhandled type: {type(ea)}")
             if ea == idaapi.BADADDR:
                 break
             start = ea + 1

diff --git a/capa/version.py b/capa/version.py
@@ -5,7 +5,7 @@
 # Unless required by applicable law or agreed to in writing, software distributed under the License
 #  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and limitations under the License.
-__version__ = "8.0.0"
+__version__ = "8.0.1"
 
 
 def get_major_version():

diff --git a/web/public/index.html b/web/public/index.html
@@ -215,6 +215,11 @@ <h2 class="mt-3">Rule Updates</h2>
 
       <h2 class="mt-3">Tool Updates</h2>
 
+      <h3 class="mt-2">v8.0.0 (<em>2024-12-09</em>)</h3>
+      <p class="mt-0">
+        This point release fixes an issue with the IDAPython API to now handle IDA Pro 8.3, 8.4, and 9.0 correctly.
+      </p>
+
       <h3 class="mt-2">v8.0.0 (<em>2024-12-09</em>)</h3>
       <p class="mt-0">
         capa <a href="https://github.com/mandiant/capa/releases/tag/v8.0.0">v8.0.0</a> adds support for IDA Pro 9.0 (and idalib). The release comes with various improvements and bug fixes for the Binary Ninja backend (including to load with database files) -- thanks to @xusheng6.