How to fix undefinied idenfier filename in Linux

[HydraDragonAntivirus]

Error compiling YARA rule from /home/emirhanucan/Masaüstü/Antivirus/YARA/Florian_Roth_index.yara: line 34838: undefined identifier "filename" Error compiling YARA rule from /home/emirhanucan/Masaüstü/Antivirus/YARA/FlorianRoth.yara: line 118229: undefined identifier "filename"

Function to load YARA rules from a folder

def load_yara_rules(yara_folder, filename=None): yara_rules = [] for root, dirs, files in os.walk(yara_folder): for file in files: if file.endswith(".yara"): rule_file = os.path.join(root, file) try: with open(rule_file, 'rb') as f:

Read the binary content and decode it using a suitable encoding

                    yara_content = f.read().decode('latin-1')  # Adjust the encoding if needed

                # If filename is provided, replace "filename" with the actual filename
                if filename:
                    filename_bytes = filename.encode('utf-8')  # Convert to bytes
                    yara_content = yara_content.replace('filename', filename_bytes.decode('utf-8'))

                # Compile the modified YARA content
                rules = yara.compile(source=yara_content)
                yara_rules.append(rules)
            except yara.Error as e:
                print(f"Error compiling YARA rule from {rule_file}: {e}")
            except UnicodeDecodeError as ude:
                print(f"Error decoding YARA rule from {rule_file}: {ude}")
return yara_rules

[phantinuss]

What code are you executing? / What is your question?

[HydraDragonAntivirus]

I executing my Antivirus created by me. My question is how to fix undefinied idenfier error at filename function.

[Neo23x0]

Either by not using the rules that use external variables or by defining the variable.

[phantinuss]

It's a YARA feature. You can look e.g. here https://yara.readthedocs.io/en/stable/writingrules.html#external-variables

[HydraDragonAntivirus]

Ok I'm going to delete the problematic lines. Thanks!