Versions in this module Expand all Collapse all v4 v4.1.2 Sep 29, 2021 v4.1.1 Sep 24, 2021 Changes in this version + const ConfigMaxMatchData + const ConfigMaxStringsPerRule + const ConfigStackSize + const ERROR_CALLBACK_ERROR + const ERROR_CORRUPT_FILE + const ERROR_COULD_NOT_ATTACH_TO_PROCESS + const ERROR_COULD_NOT_MAP_FILE + const ERROR_COULD_NOT_OPEN_FILE + const ERROR_DUPLICATED_IDENTIFIER + const ERROR_DUPLICATED_LOOP_IDENTIFIER + const ERROR_DUPLICATED_META_IDENTIFIER + const ERROR_DUPLICATED_STRING_IDENTIFIER + const ERROR_DUPLICATED_STRUCTURE_MEMBER + const ERROR_DUPLICATED_TAG_IDENTIFIER + const ERROR_EXEC_STACK_OVERFLOW + const ERROR_INCLUDES_CIRCULAR_REFERENCE + const ERROR_INCLUDE_DEPTH_EXCEEDED + const ERROR_INSUFFICIENT_MEMORY + const ERROR_INTERNAL_FATAL_ERROR + const ERROR_INVALID_ARGUMENT + const ERROR_INVALID_FIELD_NAME + const ERROR_INVALID_FILE + const ERROR_INVALID_FORMAT + const ERROR_INVALID_HEX_STRING + const ERROR_INVALID_REGULAR_EXPRESSION + const ERROR_LOOP_NESTING_LIMIT_EXCEEDED + const ERROR_MISPLACED_ANONYMOUS_STRING + const ERROR_NESTED_FOR_OF_LOOP + const ERROR_NOT_A_FUNCTION + const ERROR_NOT_A_STRUCTURE + const ERROR_NOT_INDEXABLE + const ERROR_SCAN_TIMEOUT + const ERROR_SUCCESS + const ERROR_SYNTAX_ERROR + const ERROR_TOO_MANY_ARGUMENTS + const ERROR_TOO_MANY_MATCHES + const ERROR_TOO_MANY_SCAN_THREADS + const ERROR_UNDEFINED_IDENTIFIER + const ERROR_UNDEFINED_STRING + const ERROR_UNKNOWN_MODULE + const ERROR_UNREFERENCED_STRING + const ERROR_UNSUPPORTED_FILE_VERSION + const ERROR_WRONG_ARGUMENTS + const ERROR_WRONG_RETURN_TYPE + const ERROR_WRONG_TYPE + const ScanFlagsFastMode + const ScanFlagsProcessMemory + func Finalize() error + func GetConfiguration(name ConfigName) (interface{}, error) + func SetConfiguration(name ConfigName, src interface{}) error + type Compiler struct + Errors []CompilerMessage + Warnings []CompilerMessage + func NewCompiler() (*Compiler, error) + func (c *Compiler) AddFile(file *os.File, namespace string) (err error) + func (c *Compiler) AddString(rules string, namespace string) (err error) + func (c *Compiler) DefineVariable(identifier string, value interface{}) (err error) + func (c *Compiler) Destroy() + func (c *Compiler) DisableIncludes() + func (c *Compiler) GetRules() (*Rules, error) + func (c *Compiler) SetIncludeCallback(cb CompilerIncludeFunc) + type CompilerIncludeFunc func(name, filename, namespace string) []byte + type CompilerMessage struct + Filename string + Line int + Text string + type ConfigName uint32 + type Error struct + Code int + Namespace string + RuleIdentifier string + StringIdentifier string + func (e Error) Error() (errorString string) + type Match struct + func (m *Match) Base() int64 + func (m *Match) Data() []byte + func (m *Match) Length() int64 + func (m *Match) Offset() int64 + type MatchRule struct + Metas []Meta + Namespace string + Rule string + Strings []MatchString + Tags []string + type MatchRules []MatchRule + func (mr *MatchRules) RuleMatching(sc *ScanContext, r *Rule) (abort bool, err error) + type MatchString struct + Base uint64 + Data []byte + Length uint64 + Name string + Offset uint64 + type MemoryBlock struct + Base uint64 + FetchData func([]byte) + Size uint64 + type MemoryBlockIterator interface + First func() *MemoryBlock + Next func() *MemoryBlock + type MemoryBlockIteratorWithFilesize interface + Filesize func() uint64 + type Meta struct + Identifier string + Value interface{} + type Object struct + type ProfilingInfo struct + Cost uint64 + Rule *Rule + type Rule struct + func (r *Rule) Disable() + func (r *Rule) Enable() + func (r *Rule) Identifier() string + func (r *Rule) IsGlobal() bool + func (r *Rule) IsPrivate() bool + func (r *Rule) Metas() (metas []Meta) + func (r *Rule) Namespace() string + func (r *Rule) Strings() (strs []String) + func (r *Rule) Tags() (tags []string) + type Rules struct + func Compile(rules string, variables map[string]interface{}) (r *Rules, err error) + func LoadRules(filename string) (*Rules, error) + func MustCompile(rules string, variables map[string]interface{}) (r *Rules) + func ReadRules(rd io.Reader) (*Rules, error) + func (r *Rules) DefineVariable(identifier string, value interface{}) (err error) + func (r *Rules) Destroy() + func (r *Rules) GetRules() (rules []Rule) + func (r *Rules) Save(filename string) (err error) + func (r *Rules) ScanFile(filename string, flags ScanFlags, timeout time.Duration, cb ScanCallback) (err error) + func (r *Rules) ScanFileDescriptor(fd uintptr, flags ScanFlags, timeout time.Duration, cb ScanCallback) (err error) + func (r *Rules) ScanMem(buf []byte, flags ScanFlags, timeout time.Duration, cb ScanCallback) (err error) + func (r *Rules) ScanMemBlocks(mbi MemoryBlockIterator, flags ScanFlags, timeout time.Duration, ...) (err error) + func (r *Rules) ScanProc(pid int, flags ScanFlags, timeout time.Duration, cb ScanCallback) (err error) + func (r *Rules) Write(wr io.Writer) (err error) + type ScanCallback interface + type ScanCallbackFinished interface + ScanFinished func(*ScanContext) (bool, error) + type ScanCallbackMatch interface + RuleMatching func(*ScanContext, *Rule) (bool, error) + type ScanCallbackModuleImport interface + ImportModule func(*ScanContext, string) ([]byte, bool, error) + type ScanCallbackModuleImportFinished interface + ModuleImported func(*ScanContext, *Object) (bool, error) + type ScanCallbackNoMatch interface + RuleNotMatching func(*ScanContext, *Rule) (bool, error) + type ScanContext struct + func (sc *ScanContext) GetMatchStrings(r *Rule) (matchstrings []MatchString) + type ScanFlags int + type Scanner struct + Callback ScanCallback + func NewScanner(r *Rules) (*Scanner, error) + func (s *Scanner) DefineVariable(identifier string, value interface{}) (err error) + func (s *Scanner) Destroy() + func (s *Scanner) GetLastErrorRule() *Rule + func (s *Scanner) GetLastErrorString() *String + func (s *Scanner) GetProfilingInfo(n int) (result []ProfilingInfo) + func (s *Scanner) ResetProfilingInfo() + func (s *Scanner) ScanFile(filename string) (err error) + func (s *Scanner) ScanFileDescriptor(fd uintptr) (err error) + func (s *Scanner) ScanMem(buf []byte) (err error) + func (s *Scanner) ScanMemBlocks(mbi MemoryBlockIterator) (err error) + func (s *Scanner) ScanProc(pid int) (err error) + func (s *Scanner) SetCallback(cb ScanCallback) *Scanner + func (s *Scanner) SetFlags(flags ScanFlags) *Scanner + func (s *Scanner) SetTimeout(timeout time.Duration) *Scanner + type String struct + func (s *String) Identifier() string + func (s *String) Matches(sc *ScanContext) (matches []Match) Other modules containing this package github.com/VirusTotal/go-yara