Neo23x0
commented
3 years ago Ah, the wTestFilename name is misleading.
I fixed it in: https://github.com/Neo23x0/Raccine/commit/0079ece73a5b5021bf87342d38945835fb523d3a
Closed Neo23x0 closed 3 years ago
Neo23x0
commented
3 years ago Ah, the wTestFilename name is misleading.
I fixed it in: https://github.com/Neo23x0/Raccine/commit/0079ece73a5b5021bf87342d38945835fb523d3a
Eran-YT
commented
3 years ago You have both parameters in the class because the yara executable and the yara rules are in different directories
Note: Working on the new branch
yara-ext-varswith changes by @JohnLaTwCI am trying to figure out, why the rule matching process gets the wrong YARA rule directory. It uses
C:\ProgramData\Raccineinstead ofC:\ProgramData\Raccine\yaraCan someone explain to me, why the class definition expects two variables: yara_rules_dir, raccine_program_directory https://github.com/Neo23x0/Raccine/blob/yara-ext-vars/source/RaccineLib/YaraRuleRunner.cpp#L7
and the object instantiated from that class uses different values? https://github.com/Neo23x0/Raccine/blob/yara-ext-vars/source/RaccineLib/raccine.cpp#L49 Is that the wrong location?