diff --git a/CHANGELOG.md b/CHANGELOG.md
index d4aa64f14..364a8276a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@
 - binja: support loading raw x86/x86_64 shellcode #2489 @xusheng6
 - binja: fix crash when the IL of certain functions are not available. #2249 @xusheng6
 - binja: major performance improvement on the binja extractor. #1414 @xusheng6
+- cape: make Process model flexible and procmemory optional to load newest reports #2466 @mr-tz
 ### capa Explorer Web
diff --git a/capa/features/extractors/cape/models.py b/capa/features/extractors/cape/models.py
index 20bedec24..c37eddd2a 100644
--- a/capa/features/extractors/cape/models.py
+++ b/capa/features/extractors/cape/models.py
@@ -297,7 +297,10 @@ class Call(ExactModel):
 id: int
-class Process(ExactModel):
+# FlexibleModel to account for extended fields
+# refs: https://github.com/mandiant/capa/issues/2466
+# https://github.com/kevoreilly/CAPEv2/pull/2199
+class Process(FlexibleModel):
 process_id: int
 process_name: str
 parent_id: int
@@ -400,7 +403,7 @@ class CapeReport(FlexibleModel):
 CAPE: Optional[Union[Cape, list]] = None
 dropped: Optional[list[File]] = None
 procdump: Optional[list[ProcessFile]] = None
- procmemory: ListTODO
+ procmemory: Optional[ListTODO] = None
 # =========================================================================
 # information we won't use in capa
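Review bot: The comment added above `class Process(FlexibleModel):` (models.py hunk at -297) says the model must "account for extended fields" but does not name them, so a reader cannot tell which keys the looser model is meant to tolerate. CAPE reports are generated from sandboxed samples and parsed here as external input, and moving `Process` off `ExactModel` presumably means unexpected keys in a process entry no longer fail validation, so later schema drift in this object would pass unnoticed. Either list the new fields in the comment, or declare them explicitly as `Optional[...] = None` attributes and keep `ExactModel`, so everything else in the entry is still checked strictly. A regression test that loads a report in the newer format would pin the behaviour. The body of `Process` continues outside the hunk.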
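Review bot: `procmemory: Optional[ListTODO] = None` in `CapeReport` (models.py hunk at -400) carries no comment explaining why the field may now be absent, unlike the `Process` change in the same file, which cites the issue. A one-line comment such as `# optional: newest CAPE reports may omit procmemory, see #2466` would document both relaxations consistently. No reader of `procmemory` is visible in this hunk; if one exists elsewhere, it now has to handle `None`. `CapeReport` starts and ends outside the hunk.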