Giter VIP home page Giter VIP logo

yara-java's People

Contributors

cblades avatar dependabot[bot] avatar m91snik avatar p8a avatar viprerk avatar y1z2g3 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

pombredanne jasonparallel siddharthtyagi taducloud m91snik cblades threatconnect-inc wjsl jayaramcs capacitorset clevekim00 nexusfuzzy icoscx ronnycalderon sleuthkit muntashirakon mwxiaomao y1z2g3 michaelpdu vivek-arunachalam jdeaver catatonicprime fabianfrz craiovea virangdoshi

yara-java's Issues

Buffer over-read possible with yara_match_value()

1894dd7 modified yara_match_value to account for changes in Yara 3.5.0. It appears that this was not done correctly and can result in over-reading the YARA_MATCH->data buffer. According to the Yara documentation data_length should be used as the actual length of data. match_length is the true length of the match, but not necessarily the length of the data buffer.

How to exactly use yara-java

I tried building yara-java on Ubuntu and even the terminal inside Android Studio but the tests failed so I built it without the test cases, using the command mvn install -DskipTests.
I wanted to run a main program with some rules on a test file, to achieve this how should I go about it?
Also, I want to do so on Android Studio, so is it possible to use yara-java on Android Studio?
Any help will be much appreciated!

Build fails on 64-bit Windows at hawtjni-plugin

I'm building yara-java on a 64-bit Windows 7 machine. Following the instructions on the main Github page, I get stuck at "mvn clean install":

$ mvn clean install -e
[INFO] Error stacktraces are turned on.
[INFO] Scanning for projects...
[WARNING]
[WARNING] Some problems were encountered while building the effective model for com.github.plusvic:libyara:jar:3.5.0-SNAPSHOT
[WARNING] The expression ${artifactId} is deprecated. Please use ${project.artifactId} instead.
[WARNING] The expression ${version} is deprecated. Please use ${project.version} instead.
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building libyara 3.5.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.3:clean (default-clean) @ libyara ---
[INFO] Deleting file set: C:\users\elliott\git\yara\yara-java\target (included: [**], excluded: [])
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ libyara ---
[WARNING] Using platform encoding (Cp1252 actually) to copy filtered resources, i.e. build is platform dependent!
[INFO] skip non existing resourceDirectory C:\users\elliott\git\yara\yara-java\src\main\resources
[INFO]
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ libyara ---
[INFO] Changes detected - recompiling the module!
[WARNING] File encoding has not been set, using platform encoding Cp1252, i.e. build is platform dependent!
[INFO] Compiling 38 source files to C:\users\elliott\git\yara\yara-java\target\classes
[INFO]
[INFO] --- maven-hawtjni-plugin:1.14:generate (default) @ libyara ---
[INFO] Analyzing classes...
[INFO] Generating...
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\yara-wrapper.c
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\yara-wrapper_stats.h
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\yara-wrapper_stats.c
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\yara-wrapper_structs.h
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\yara-wrapper_structs.c
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\hawtjni.h
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\hawtjni.c
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\hawtjni-callback.c
[INFO] Wrote: C:\users\elliott\git\yara\yara-java\target\generated-sources\hawtjni\native-src\windows\stdint.h
[INFO] Done.
[INFO]
[INFO] --- maven-hawtjni-plugin:1.14:build (default) @ libyara ---
[INFO] executing: cmd.exe /X /C "vcbuild /platform:x64 vs2008.vcproj release"
[INFO] Microsoft (R) Visual C++ Project Builder - Command Line Version 9.00.30729
[INFO] Copyright (C) Microsoft Corporation. All rights reserved.
[INFO]
[INFO] Build started: Project: yara-wrapper, Configuration: release|x64
[INFO] Compiling...
[INFO] yara-wrapper_structs.c
[INFO] c:\users\elliott\git\yara\yara-java\target\native-build\src\yara-wrapper.h(4) : fatal error C1083: Cannot open include file: 'yara.h': No such file or directory
[INFO] yara-wrapper_stats.c
[INFO] yara-wrapper.c
[INFO] c:\users\elliott\git\yara\yara-java\target\native-build\src\yara-wrapper.h(4) : fatal error C1083: Cannot open include file: 'yara.h': No such file or directory
[INFO] hawtjni.c
[INFO] hawtjni-callback.c
[INFO] 1>.\src\hawtjni-callback.c(779) : warning C4244: 'return' : conversion from 'jlong' to 'jint', possible loss of data
[INFO] Build log was saved at "file://c:\Users\elliott\git\yara\yara-java\target\native-build\target\x64-release\obj\BuildLog.htm"
[INFO] yara-wrapper - 2 error(s), 1 warning(s)
[INFO] rc: 1
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.883 s
[INFO] Finished at: 2017-01-16T16:00:45-07:00
[INFO] Final Memory: 18M/220M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.fusesource.hawtjni:maven-hawtjni-plugin:1.14:build (default) on project libyara: build failed: org.apache.maven.plugin.MojoExecutionException: vcbuild failed with exit code: 1 -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.fusesource.hawtjni:maven-hawtjni-plugin:1.14:build (default) on project libyara: build failed: org.apache.maven.plugin.MojoExecutionException: vcbuild failed with exit code: 1
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:212)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
        at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
        at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
        at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
        at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
        at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
        at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
        at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
        at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
        at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
        at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
        at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
        at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
        at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
Caused by: org.apache.maven.plugin.MojoExecutionException: build failed: org.apache.maven.plugin.MojoExecutionException: vcbuild failed with exit code: 1
        at org.fusesource.hawtjni.maven.BuildMojo.execute(BuildMojo.java:254)
        at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
        at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:207)
        ... 20 more
Caused by: org.apache.maven.plugin.MojoExecutionException: vcbuild failed with exit code: 1
        at org.fusesource.hawtjni.maven.BuildMojo.vsBasedBuild(BuildMojo.java:308)
        at org.fusesource.hawtjni.maven.BuildMojo.execute(BuildMojo.java:243)
        ... 22 more
[ERROR]
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

I essentially understand the "No such file or directory" errors - it can't locate the rest of the YARA C++ files it needs to build the wrapper project - but I'm not sure what to try debugging from here. It just looks like some of the C++ source files aren't getting copied, or maybe the yara-wrapper header can't locate the source files in their original locations.

I'm not an expert with Maven or C++ compilers, but I noticed that there's no profile in the pom file for Windows... does this need to be added?

Let me know if I can provide any additional information.

Question regarding thread safety

I would like to use yara-java in a multithreaded environment. Which classes can be reused across multiple threads and which cannot? I am using the same rules for all files that I scan. In a simple performance test I get close to a 50% performance increase when reusing the YaraScanner object. I just don't know if it is safe to do so.

Build fails on Linux on hawtjni-plugin step

Hi,

I've tried to build yara-java on OpenSuse Leap and I followed instructions to clone and make Yara first of all and after that clone yara-java to corresponding directory and run mvn clean install there.

I noticed that hawtjni-plugin plugin was configured only for mac, so I've added unix profile as

<id>unix</id>
<activation><os><family>unix</family></os></activation>
<build>
    <plugins>
        <plugin>
            <groupId>org.fusesource.hawtjni</groupId>
            <artifactId>maven-hawtjni-plugin</artifactId>
            <configuration>
                <osgiPlatforms>
                    <osgiPlatform>osname=Linux;processor=x86-64</osgiPlatform>
                </osgiPlatforms>
                <configureArgs>
                    <arg>--with-universal=x86_64</arg>
                    <arg>--disable-shared</arg>
                </configureArgs>
                <platform>linux64</platform>
            </configuration>
        </plugin>
    </plugins>
</build>

without --disable-shared arg I'm getting error

[INFO] *** static library /opt/workspace/samples/yara/yara-java/target/native-build/../../../libyara/.libs/libyara.a is not portable!
[INFO] libtool: link: gcc -shared  -fPIC -DPIC  src/.libs/yara-wrapper_stats.o src/.libs/yara-wrapper.o src/.libs/yara-wrapper_structs.o src/.libs/hawtjni.o src/.libs/hawtjni-callback.o   /opt/workspace/samples/yara/yara-java/target/native-build/../../../libyara/.libs/libyara.a  -O2   -Wl,-soname -Wl,libyara-wrapper-3.4.0-SNAPSHOT.so -o .libs/libyara-wrapper-3.4.0-SNAPSHOT.so
[INFO] /usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: /opt/workspace/samples/yara/yara-java/target/native-build/../../../libyara/.libs/libyara.a(compiler.o): relocation R_X86_64_32 against `yr_object_destroy' can not be used when making a shared object; recompile with -fPIC
[INFO] /opt/workspace/samples/yara/yara-java/target/native-build/../../../libyara/.libs/libyara.a: error adding symbols: Bad value

and with --disable-shared as in config above, I'm getting

Make based build did not generate: /opt/workspace/samples/yara/yara-java/target/native-build/target/lib/libyara-wrapper.so

but in the same time I see in lib64 directory that wrapper library is generated as .a:

yara-java/target/native-build/target/lib64> ls
libyara-wrapper.a  libyara-wrapper.la

@p8a, have you checked yara-java on non-mac platforms? May be you have advices about solving this issue

Build fails on Windows 8.1....missing yara.h file.

Trying to build yara-java on Windows 8.1/64 bit. Per the readme.md file, I installed the Windows 7 SDK (which went fine) and then when building, I get the following. I must be missing something as I don't see a yara.h file anywhere. You can I use Netbeans. I also just tried it directly in a command window running:

vcbuild /platform:x64 vs2008.vcproj release

And got the same set of errors:

Compiling...
yara-wrapper_structs.c
c:\users\gshepherd\documents\netbeansprojects\yara-java\target\native-build\src\yara-wrapper.h(4) : fatal error C1083: Cannot open include file: 'yara.h': No such file or directory
yara-wrapper.c
c:\users\gshepherd\documents\netbeansprojects\yara-java\target\native-build\src\yara-wrapper.h(4) : fatal error C1083: Cannot open include file: 'yara.h': No such file or directory
Build log was saved at "file://c:\Users\gshepherd\Documents\NetBeansProjects\yara-java\target\native-build\target\x64-release\obj\BuildLog.htm"
yara-wrapper - 2 error(s), 0 warning(s)

What am I missing?

License for Project

I do not see any license information in the project. Did you intend to release it under one of the open source licenses (such as the MIT or apache license)?

Native build / OS X 10.11.6

Configuration:
Macbook Pro Mid-2015 / OS X 10.11.6
openssl 1.0.2 installed separately to /usr/local/opt/openssl

configure [maven-hawtjni-plugin] was blowing up on the separate <arg>-L/usr/local/opt/openssl/lib</arg>. I found it builds correctly by combining all the linker arguments into the same <arg/>:

<arg>LDFLAGS=${jni-with-crypto} -L/usr/local/opt/openssl/lib -lcrypto</arg>

Do you know if anyone else has run into this issue?

error: 'YR_MATCH' has no member named 'match_length'

When I build yara-java on Linux64 I get
[INFO] executing: /bin/sh -c make install [INFO] /bin/sh ./libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I./src -g -O2 -I/home/m91snik/workspace/samples/yara/yara-java/target/native-build/../../../libyara/include -I/opt/env/jdk1.8.0_65/include -I/opt/env/jdk1.8.0_65/include/linux -c -o src/yara-wrapper.lo src/yara-wrapper.c [INFO] libtool: compile: gcc -DHAVE_CONFIG_H -I. -I./src -g -O2 -I/home/m91snik/workspace/samples/yara/yara-java/target/native-build/../../../libyara/include -I/opt/env/jdk1.8.0_65/include -I/opt/env/jdk1.8.0_65/include/linux -c src/yara-wrapper.c -fPIC -DPIC -o src/.libs/yara-wrapper.o [INFO] In file included from src/yara-wrapper.c:2:0: [INFO] src/yara-wrapper.h: In function 'yara_match_value': [INFO] src/yara-wrapper.h:145:36: error: 'YR_MATCH' has no member named 'match_length' [INFO] if (0 != (buffer = malloc(match->match_length + 1))) { [INFO] ^ [INFO] src/yara-wrapper.h:146:32: error: 'YR_MATCH' has no member named 'match_length' [INFO] memset(buffer, 0, match->match_length + 1); [INFO] ^ [INFO] In file included from /usr/include/string.h:631:0, [INFO] from /home/m91snik/workspace/samples/yara/yara-java/target/native-build/../../../libyara/include/yara/modules.h:22, [INFO] from /home/m91snik/workspace/samples/yara/yara-java/target/native-build/../../../libyara/include/yara.h:23, [INFO] from src/yara-wrapper.h:4, [INFO] from src/yara-wrapper.c:2: [INFO] src/yara-wrapper.h:147:57: error: 'YR_MATCH' has no member named 'match_length' [INFO] strncpy(buffer, (const char* )match->data, match->match_length);

@p8a , please note that I was able to build yara-java on Linux64 after this fix #11, but now it's not possible again.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.