Displaying 8 results from an estimated 8 matches for "guestfs_yara_scan".
2019 Dec 10
2
Re: Libguestfs with Yara rules error
On Tue, Dec 10, 2019 at 09:19:47AM +0100, Luis wrote:
> I am using libguestfs 1.40.2 and yara 3.11.0 but when I execute my program
> it thoughts the following error:
>
> $> ./yara-guestfs
> libguestfs: error: yara_load: feature 'libyara' is not available in this
> build of libguestfs. Read 'AVAILABILITY' in the guestfs(3) man page for
>
> If we check
2019 Dec 21
1
Re: Libguestfs with Yara rules error
Sorry Richard. Now I will attach you debug file.
El 21/12/2019 a las 16:38, Luis Fueris escribió:
>
> Hi Richard.
>
> Few days ago, I installed libyara a libguestfs properly. But when I
> load a yara rule and scan it via guestfs_yara_scan, my binary
> throughts following error:
>
> libguestfs: error: deserialise_yara_detection_list: Success
>
> And function exists with NULL value. As we can see this function is on
> lib/yara.c from libguestfs git. I think that these yara functions are
> an integration for yar...
2019 Dec 21
0
Re: Libguestfs with Yara rules error
Hi Richard.
Few days ago, I installed libyara a libguestfs properly. But when I load
a yara rule and scan it via guestfs_yara_scan, my binary throughts
following error:
libguestfs: error: deserialise_yara_detection_list: Success
And function exists with NULL value. As we can see this function is on
lib/yara.c from libguestfs git. I think that these yara functions are an
integration for yara C api. All debug and trace log...
2017 Apr 24
0
[PATCH v8 4/8] New API: yara_load
...ptional = Some "libyara";
+ shortdesc = "load yara rules within libguestfs";
+ longdesc = "\
+Upload a set of Yara rules from local file F<filename>.
+
+Yara rules allow to categorize files based on textual or binary patterns
+within their content.
+See C<guestfs_yara_scan> to see how to scan files with the loaded rules.
+
+Rules can be in binary format, as when compiled with yarac command, or
+in source code format. In the latter case, the rules will be first
+compiled and then loaded.
+
+Rules in source code format cannot include external files. In such cases,
+...
2017 Apr 25
8
[PATCH v9 0/7] Feature: Yara file scanning
v9:
- fixes according to comments
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am | 4 +-
2017 Apr 24
10
[PATCH v8 0/8] Feature: Yara file scanning
v8:
- Ignore returned value in daemon/upload.c
- Report serialization errors in lib/yara.c
Matteo Cafasso (8):
daemon: ignore unused return value in upload function
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in
2017 Apr 23
11
[PATCH v7 0/7] Feature: Yara file scanning
v7:
- Fixes according to comments
- Rebase on top of 1.37.12
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am
2017 Apr 06
14
[PATCH v6 0/7] Feature: Yara file scanning
v6:
- use new test functions
- fix yara_detection struct field names
- revert yara_load function to initial version
With Pino we were exploring the idea of allowing Users to load multiple
rule files with subsequent calls to yara_load API.
https://www.redhat.com/archives/libguestfs/2016-November/msg00119.html
It turns out impractical due to YARA API limitations. It is possible
to load multiple