From 5c9b3a2614965b683d3d532d38837de6d444ca9e Mon Sep 17 00:00:00 2001 From: TAMIR-K Date: Sat, 5 Oct 2024 16:08:22 +0300 Subject: [PATCH 1/2] Add try except clause --- capa/features/extractors/pefile.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/capa/features/extractors/pefile.py b/capa/features/extractors/pefile.py index 1ae56378c..1dd478adf 100644 --- a/capa/features/extractors/pefile.py +++ b/capa/features/extractors/pefile.py @@ -130,7 +130,13 @@ def extract_file_arch(pe, **kwargs): elif pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_AMD64"]: yield Arch(ARCH_AMD64), NO_ADDRESS else: - logger.warning("unsupported architecture: %s", pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine]) + try: + logger.warning( + "unsupported architecture: %s", + pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine], + ) + except KeyError: + logger.warning("unknown architecture: %s", pe.FILE_HEADER.Machine) def extract_file_features(pe, buf): From 60015e75bed495c21bc9ab4419ffd3d8919eb7c2 Mon Sep 17 00:00:00 2001 From: TAMIR-K Date: Sat, 5 Oct 2024 16:24:24 +0300 Subject: [PATCH 2/2] Add to changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c9860292f..97f0bfc20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,8 @@ ### Bug Fixes +- extractor: fix exception when PE extractor encounters unknown architecture #2440 @Tamir-K + ### capa Explorer Web ### capa Explorer IDA Pro plugin