Displaying 3 results from an estimated 3 matches for "3e55206ec".
2017 Apr 06
0
[PATCH v6 4/7] New API: yara_destroy
...ules loaded");
+ return -1;
+ }
+
+ yr_rules_destroy (rules);
+ rules = NULL;
+
+ return 0;
+}
+
/* Compile source code rules and load them.
* Return ERROR_SUCCESS on success, Yara error code type on error.
*/
diff --git a/generator/actions_yara.ml b/generator/actions_yara.ml
index 3e55206ec..9d93d9f11 100644
--- a/generator/actions_yara.ml
+++ b/generator/actions_yara.ml
@@ -45,4 +45,12 @@ it is recommended to compile them first.
Previously loaded rules will be destroyed." };
+ { defaults with
+ name = "yara_destroy"; added = (1, 37, 9);
+ style = RErr, [], []...
2017 Apr 06
0
[PATCH v6 3/7] New API: yara_load
...Actions_hivex.daemon_functions @
- Actions_tsk.daemon_functions
+ Actions_tsk.daemon_functions @
+ Actions_yara.daemon_functions
(* Some post-processing of the basic lists of actions. *)
diff --git a/generator/actions_yara.ml b/generator/actions_yara.ml
new file mode 100644
index 000000000..3e55206ec
--- /dev/null
+++ b/generator/actions_yara.ml
@@ -0,0 +1,48 @@
+(* libguestfs
+ * Copyright (C) 2009-2017 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundati...
2017 Apr 06
14
[PATCH v6 0/7] Feature: Yara file scanning
v6:
- use new test functions
- fix yara_detection struct field names
- revert yara_load function to initial version
With Pino we were exploring the idea of allowing Users to load multiple
rule files with subsequent calls to yara_load API.
https://www.redhat.com/archives/libguestfs/2016-November/msg00119.html
It turns out impractical due to YARA API limitations. It is possible
to load multiple