From 22368fbe6f4d79479bfff6614f10ad3cc6e16848 Mon Sep 17 00:00:00 2001
From: mr-tz <moritz.raabe@mandiant.com>
Date: Wed, 9 Oct 2024 12:13:11 +0000
Subject: [PATCH 1/2] rename bin_search function

---
 capa/features/extractors/ida/helpers.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/capa/features/extractors/ida/helpers.py b/capa/features/extractors/ida/helpers.py
index a40ca3fda..fc22bc38d 100644
--- a/capa/features/extractors/ida/helpers.py
+++ b/capa/features/extractors/ida/helpers.py
@@ -41,7 +41,7 @@ def find_byte_sequence(start: int, end: int, seq: bytes) -> Iterator[int]:
             return
 
         while True:
-            ea, _ = ida_bytes.bin_search3(start, end, patterns, ida_bytes.BIN_SEARCH_FORWARD)
+            ea, _ = ida_bytes.bin_search(start, end, patterns, ida_bytes.BIN_SEARCH_FORWARD)
             if ea == idaapi.BADADDR:
                 break
             start = ea + 1

From f2c329b7683c5beba4e5dbf1585eb7aca8ec11ea Mon Sep 17 00:00:00 2001
From: mr-tz <moritz.raabe@mandiant.com>
Date: Wed, 9 Oct 2024 12:15:38 +0000
Subject: [PATCH 2/2] rename ida to idapro module for IDA 9.0

---
 CHANGELOG.md                           |  1 +
 capa/features/extractors/ida/idalib.py | 12 ++++++++----
 capa/loader.py                         |  4 ++--
 pyproject.toml                         |  2 +-
 4 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 97f0bfc20..f8368d30a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,7 @@
 ### Bug Fixes
 
 - extractor: fix exception when PE extractor encounters unknown architecture #2440 @Tamir-K
+- IDA Pro: rename ida to idapro module for plugin and idalib in IDA 9.0 #2453 @mr-tz
 
 ### capa Explorer Web
 
diff --git a/capa/features/extractors/ida/idalib.py b/capa/features/extractors/ida/idalib.py
index df1e3172e..f0627971a 100644
--- a/capa/features/extractors/ida/idalib.py
+++ b/capa/features/extractors/ida/idalib.py
@@ -18,7 +18,7 @@
 
 def is_idalib_installed() -> bool:
     try:
-        return importlib.util.find_spec("ida") is not None
+        return importlib.util.find_spec("idapro") is not None
     except ModuleNotFoundError:
         return False
 
@@ -44,6 +44,7 @@ def get_idalib_user_config_path() -> Optional[Path]:
 def find_idalib() -> Optional[Path]:
     config_path = get_idalib_user_config_path()
     if not config_path:
+        logger.error("IDA Pro user configuration does not exist, please make sure you've installed idalib properly.")
         return None
 
     config = json.loads(config_path.read_text(encoding="utf-8"))
@@ -51,6 +52,9 @@ def find_idalib() -> Optional[Path]:
     try:
         ida_install_dir = Path(config["Paths"]["ida-install-dir"])
     except KeyError:
+        logger.error(
+            "IDA Pro user configuration does not contain location of IDA Pro installation, please make sure you've installed idalib properly."
+        )
         return None
 
     if not ida_install_dir.exists():
@@ -73,7 +77,7 @@ def find_idalib() -> Optional[Path]:
     if not idalib_path.exists():
         return None
 
-    if not (idalib_path / "ida" / "__init__.py").is_file():
+    if not (idalib_path / "idapro" / "__init__.py").is_file():
         return None
 
     return idalib_path
@@ -96,7 +100,7 @@ def has_idalib() -> bool:
 
 def load_idalib() -> bool:
     try:
-        import ida
+        import idapro
 
         return True
     except ImportError:
@@ -106,7 +110,7 @@ def load_idalib() -> bool:
 
         sys.path.append(idalib_path.absolute().as_posix())
         try:
-            import ida  # noqa: F401 unused import
+            import idapro  # noqa: F401 unused import
 
             return True
         except ImportError:
diff --git a/capa/loader.py b/capa/loader.py
index c4c8c1afa..f481d7b8d 100644
--- a/capa/loader.py
+++ b/capa/loader.py
@@ -323,7 +323,7 @@ def get_extractor(
         if not idalib.load_idalib():
             raise RuntimeError("failed to load IDA idalib module.")
 
-        import ida
+        import idapro
         import ida_auto
 
         import capa.features.extractors.ida.extractor
@@ -333,7 +333,7 @@ def get_extractor(
         # so as not to screw up structured output.
         with capa.helpers.stdout_redirector(io.BytesIO()):
             with console.status("analyzing program...", spinner="dots"):
-                if ida.open_database(str(input_path), run_auto_analysis=True):
+                if idapro.open_database(str(input_path), run_auto_analysis=True):
                     raise RuntimeError("failed to analyze input file")
 
             logger.debug("idalib: waiting for analysis...")
diff --git a/pyproject.toml b/pyproject.toml
index d3a5481a3..3416c3a9b 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -177,7 +177,7 @@ known_first_party = [
     "binaryninja",
     "flirt",
     "ghidra",
-    "ida",
+    "idapro",
     "ida_ida",
     "ida_auto",
     "ida_bytes",