capa 0.4.1

File capability extractor.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

use crate::{
    Result,
    error::Error,
    security::{options::status::SecurityCheckStatus, parser::BinaryParser},
};
use std::path::Path;

pub(crate) mod elf;
pub(crate) mod options;
mod parser;
mod pe;

pub fn get_security_checks(
    path: &impl AsRef<Path>,
    options: &crate::BinarySecurityCheckOptions,
) -> Result<Vec<SecurityCheckStatus>> {
    use goblin::Object;

    let parser = BinaryParser::open(path.as_ref())?;

    let results = match parser.object() {
        Object::Elf(_elf) => {
            // "Binary file format is 'ELF'."
            elf::analyze_binary(&parser, options)
        }

        Object::PE(_pe) => {
            // "Binary file format is 'PE'."
            pe::analyze_binary(&parser, options)
        }

        Object::Mach(_mach) => {
            // "Binary file format is 'MACH'."
            Err(Error::UnsupportedBinaryFormat {
                format: "MACH".into(),
                path: path.as_ref().into(),
            })
        }

        Object::Unknown(_magic) => Err(Error::UnknownBinaryFormat(path.as_ref().into())),

        _ => Err(Error::UnknownBinaryFormat(path.as_ref().into())),
    }?;
    let statuses = results
        .into_iter()
        .map(|r| r.get_security_check_status().unwrap())
        .collect::<Vec<_>>();

    Ok(statuses)
}