Willi Ballenthin

Results 435 comments of Willi Ballenthin

sounds like i need to update the library in pypi (python-registry, too). i'll try to do this in the next few days. thanks @fatalflawburns for documenting the fix here!

we may be able to address this via FLIRT, too

@stevemk14ebr is this via the IDA plugin and/or with the cli tool? Seems to work for me using `capa.exe` but not with the IDA plugin: ![image](https://user-images.githubusercontent.com/156560/120667615-e693c500-c44a-11eb-8c86-a532266c5d15.png) ![image](https://user-images.githubusercontent.com/156560/120667713-fd3a1c00-c44a-11eb-86d9-80e0095582b4.png) ![image](https://user-images.githubusercontent.com/156560/120667910-2d81ba80-c44b-11eb-8107-0bfed1766b82.png)

IDA does not detect the loop feature as expected:

![image](https://user-images.githubusercontent.com/156560/120668147-6ae64800-c44b-11eb-9937-48eb801a4933.png)

@mike-hunhoff should be here:

![image](https://user-images.githubusercontent.com/156560/120668228-805b7200-c44b-11eb-9410-c4b49a7c3048.png)

ah, there's a tail call to `sub_180001208` which IDA considers a distinct function: ![image](https://user-images.githubusercontent.com/156560/120668540-cc0e1b80-c44b-11eb-9fa7-2fa1834d555d.png) ![image](https://user-images.githubusercontent.com/156560/120668716-f4961580-c44b-11eb-8f93-d295d45ccee1.png)

i wonder if we can add aplib to our open source FLIRT sigs to handle this more robustly @mr-tz

edit: unfortunately, vcpkg doesn't have an aplib port.

IDA considers the head function and the tail function separate functions, while vivisect (the default analysis backend on cli) considers them one function. the loop feature is found in the...

It looks like one of the data layout mapping objects is not being initialized correctly, though I can't quite tell why from the stack trace. Have you been able to...

looks like the user has since deleted their account :-(

this took me 4hrs to run locally - it's still pretty heavyweight. i agree about testing regularly, though i'm not sure what's feasible.