[Forensics-changes] [yara] 06/160: python: Add simple test for yara.load(FILE-LIKE-OBJECT)
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:29:12 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.4.0
in repository yara.
commit 8776e415009d4018c5f0d0702a474f016bd8bdb7
Author: Hilko Bengen <bengen at debian.org>
Date: Mon Feb 9 20:31:00 2015 +0100
python: Add simple test for yara.load(FILE-LIKE-OBJECT)
---
yara-python/tests.py | 106 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 105 insertions(+), 1 deletion(-)
diff --git a/yara-python/tests.py b/yara-python/tests.py
index fe335f8..60edf6a 100644
--- a/yara-python/tests.py
+++ b/yara-python/tests.py
@@ -20,7 +20,11 @@ import os
import sys
import unittest
import yara
-
+# Python 2/3
+try:
+ import StringIO
+except:
+ import io
PE32_FILE = binascii.unhexlify('\
4d5a000000000000000000000000000000000000000000000000000000000000\
@@ -66,6 +70,95 @@ b801000000bb2a000000cd8000546865204e65747769646520417373656d626c\
ab000000000000001a0000000000000000000000000000000100000000000000\
0000000000000000')
+# generated from
+# rule test { condition: true }
+YAC_FILE = binascii.unhexlify('\
+59415241590a000006000000005008000000000000a8090000000000003d0800\
+000000000024000000000000002c00000000000000002c00000000000000daba\
+faff000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000d01000000000000001b5008000000000000ff00000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000540a00\
+0000000000dabafaff00000000dabafaff00000000dabafaff00000000c40900\
+000000000000100000fafafafafafafafafafafafafafafafafafafafafafafa\
+fafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafa\
+fafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafa\
+fafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafa\
+fafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafafa\
+fafafafafafafafafafafafafafafafafa00000000fafafafafafafafafafafa\
+fafafafafafafafafafafafafa00000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+0000000000000000000000000000000000000000000000000000000000000000\
+000000000000000000000000004c0a00000000000064656661756c7400746573\
+7400040000000c000000140000001c000000240000002d000000350000004708\
+0000d4080000dc080000ec080000e4080000f4080000440a0000ffffffff')
+
# The 3 possible outcomes for each pattern
[SUCCEED, FAIL, SYNTAX_ERROR] = range(3)
@@ -829,6 +922,17 @@ class TestYara(unittest.TestCase):
'rule test { condition: uint32be(0) == 0xAABBCCDD}',
], b'\xAA\xBB\xCC\xDD')
+ def testStringIO(self):
+
+ # Python 2/3
+ try:
+ yac = StringIO.StringIO(YAC_FILE)
+ except:
+ yac = io.BytesIO(YAC_FILE)
+
+ r = yara.load(yac)
+ m = r.match(data="dummy")
+ self.assertTrue(len(m) == 1)
if __name__ == "__main__":
unittest.main()
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list