Update libyara package to fix bug with compile messages and add support for console module

2025-04-22 07:46:16 -04:00 · 2022-09-18 16:11:04 +01:00 · 2022-09-18 16:11:04 +01:00 · 28ec56a27f
commit 28ec56a27f
parent 8f710461da
4 changed files with 77 additions and 15 deletions
--- a/src/core/operations/YARARules.mjs
+++ b/src/core/operations/YARARules.mjs
@ -52,7 +52,17 @@ class YARARules extends Operation {
                name: "Show counts",
                type: "boolean",
                value: true
-            }
+            },
+            {
+                name: "Show rule warnings",
+                type: "boolean",
+                value: true
+            },
+            {
+                name: "Show console module messages",
+                type: "boolean",
+                value: true
+            },
        ];
    }

@ -64,7 +74,7 @@ class YARARules extends Operation {
    async run(input, args) {
        if (isWorkerEnvironment())
            self.sendStatusMessage("Instantiating YARA...");
-        const [rules, showStrings, showLengths, showMeta, showCounts] = args;
+        const [rules, showStrings, showLengths, showMeta, showCounts, showRuleWarns, showConsole] = args;
        return new Promise((resolve, reject) => {
            Yara().then(yara => {
                if (isWorkerEnvironment()) self.sendStatusMessage("Converting data for YARA.");
@ -83,11 +93,19 @@ class YARARules extends Operation {
                        const compileError = resp.compileErrors.get(i);
                        if (!compileError.warning) {
                            reject(new OperationError(`Error on line ${compileError.lineNumber}: ${compileError.message}`));
-                        } else {
-                            matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}`;
+                        } else if (showRuleWarns) {
+                            matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}\n`;
                        }
                    }
                }
+
+                if (showConsole) {
+                    const consoleLogs = resp.consoleLogs;
+                    for (let i = 0; i < consoleLogs.size(); i++) {
+                        matchString += consoleLogs.get(i) + "\n";
+                    }
+                }
+
                const matchedRules = resp.matchedRules;
                for (let i = 0; i < matchedRules.size(); i++) {
                    const rule = matchedRules.get(i);
@ -100,11 +118,11 @@ class YARARules extends Operation {
                        }
                        meta = meta.slice(0, -2) + "]";
                    }
-                    const countString = matches.size() === 0 ? "" : (showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "");
+                    const countString = matches.size() === 0 ? "" : (showCounts ? ` (${matches.size()} time${matches.size() > 1 ? "s" : ""})` : "");
                    if (matches.size() === 0 || !(showStrings || showLengths)) {
                        matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
                    } else {
-                        matchString += `Rule "${rule.ruleName}"${meta} matches (${countString}):\n`;
+                        matchString += `Rule "${rule.ruleName}"${meta} matches${countString}:\n`;
                        for (let j = 0; j < matches.size(); j++) {
                            const match = matches.get(j);
                            if (showStrings || showLengths) {