Skip to content

Commit

Permalink
render: verbose: render dynamic call return address
Browse files Browse the repository at this point in the history
  • Loading branch information
@williballenthin
williballenthin authored Aug 11, 2023
1 parent dafbefb commit f48e4a8
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions capa/render/verbose.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,8 @@ def format_address(address: frz.Address) -> str:
return f"token({capa.helpers.hex(token)})+{capa.helpers.hex(offset)}"
elif address.type == frz.AddressType.DYNAMIC:
assert isinstance(address.value, tuple)
id_, return_address = address.value
assert isinstance(id_, int)
assert isinstance(return_address, int)
return f"event: {id_}, retaddr: 0x{return_address:x}"
ppid, pid, tid, id_, return_address = address.value
return f"process ppid: {ppid}, process pid: {pid}, thread id: {tid}, call: {id_}, return address: {capa.helpers.hex(return_address)}"
elif address.type == frz.AddressType.PROCESS:
assert isinstance(address.value, tuple)
ppid, pid = address.value
Expand Down

0 comments on commit f48e4a8

Please sign in to comment.