From 76a4a5899f814b8c260c86dbed0df13bdc49edc6 Mon Sep 17 00:00:00 2001 From: Willi Ballenthin Date: Thu, 6 Jun 2024 10:41:59 +0200 Subject: [PATCH] test_scripts: avoid unsupported logic combinations --- tests/test_scripts.py | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/tests/test_scripts.py b/tests/test_scripts.py index 77a4e77c0..052b1c89b 100644 --- a/tests/test_scripts.py +++ b/tests/test_scripts.py @@ -130,8 +130,8 @@ def test_detect_duplicate_features(tmpdir): - or: - arch: i386 - number: 4 - - not: - - count(mnemonic(xor)): 5 + - not: + - count(mnemonic(xor)): 5 - not: - os: linux """ @@ -162,7 +162,7 @@ def test_detect_duplicate_features(tmpdir): static: function dynamic: process features: - - or: + - and: - not: - number: 4 - basic block: @@ -171,19 +171,6 @@ def test_detect_duplicate_features(tmpdir): - number: 2 """ ), - "rule_4": textwrap.dedent( - """ - rule: - meta: - name: Test Rule 4 - scopes: - static: function - dynamic: process - features: - - not: - - string: "expa" - """ - ), } """ @@ -193,11 +180,10 @@ def test_detect_duplicate_features(tmpdir): The overlaps are like: - Rule 0 has zero overlaps in RULESET - Rule 1 overlaps with 3 other rules in RULESET - - Rule 4 overlaps with itself in RULESET These overlap values indicate the number of rules with which each rule in RULESET has overlapping features. """ - rule_overlaps = [0, 4, 3, 3, 1] + rule_overlaps = [0, 4, 3, 3] rule_dir = tmpdir.mkdir("capa_rule_overlap_test") rule_paths = []