secDre4mer
secDre4mer
I've implemented the suggestion here: https://github.com/secDre4mer/yara/commit/e6464c5d4db4b483a05651f0e2f2b39fdc5b41c4 It's limited to Windows so far, and only tested rudimentarily. Any suggestions for improvement are welcome.
Yes, agreed. I noticed that as well in my tests, but as you said, the risk becomes sufficiently small with large block sizes. The PR sets the default value to...
The pull request already includes commits that add the changes for the remaining platforms. I haven't tested FreeBSD or OpenBSD yet (I'm currently setting up a FreeBSD VM for the...
I've tested FreeBSD and OpenBSD now as well (and fixed a bug from my changes for both).
Possibly - I haven't created them and don't know. They're encrypted, might that cause the errors? Not panicing is definitely a good improvement for stability, thanks for that.
> I need to review this carefully, it's also a breaking change. Yeah, I know. I didn't really see a way to add multiple certificates to the output without any...
20%-25% increase in overall scanning speed sounds indeed promising. The API mismatch is annoying, though; It can probably be worked around (by YARA deduplicating the patterns and on match mapping...
> looks mostly good to me, left a few comments; can this be split in multiple commits? Sure, I'll try. Any ideas on how the commits should be structured? E.g....
Split is done.
> @secDre4mer sorry for the delay, I was on vacation; I ran CI and some tests are failing, could you please take a look? Don't worry about the delay, I...