VirusTotal / yara-x

A rewrite of YARA in Rust.
https://virustotal.github.io/yara-x/
BSD 3-Clause "New" or "Revised" License

feat: mach-o import parsing and import hash function #135

Closed latonis closed 1 week ago

latonis commented 4 months ago

Parsing imports for Mach-O as well as the accompanying import_hash() function.

latonis commented 3 months ago

I need to refactor the sleb parsing to mirror the simplification done in https://github.com/VirusTotal/yara-x/commit/1bd014d8f8eaf9a628c4efccd0c7c57d795c69f4 to the uleb parser.

I think in the end, we likely want to keep imports and exports as UTF-8 strings as that is how it is defined in the docs.

latonis commented 3 months ago

I will fix sleb to be panic free like uleb has been, as well as the merge conflicts. I will then fuzz for a while to ensure everything is good 🙏
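
What panic-free SLEB128 decoding can look like, as an added example (not the code from this pull request or from yara-x): the function name `sleb128` and the sample bytes are assumptions made for illustration. Truncated, over-long and overflowing inputs return `None` instead of panicking on an out-of-range shift or index.

```rust
/// Decode one SLEB128 value from the front of `input` without panicking.
/// Returns (value, bytes consumed), or None if the input is truncated,
/// longer than 10 bytes, or does not fit in an i64.
/// Hypothetical helper written for this example, not the yara-x parser.
pub fn sleb128(input: &[u8]) -> Option<(i64, usize)> {
    let mut result: i64 = 0;
    let mut shift: u32 = 0;
    for (i, &byte) in input.iter().enumerate() {
        // An i64 needs at most 10 groups of 7 bits; an 11th byte would
        // mean a shift of 70, which panics in debug builds.
        if shift >= 64 {
            return None;
        }
        // The 10th byte carries only bit 63: it must be pure sign
        // extension (0x00 or 0x7f), anything else overflows i64.
        if shift == 63 && byte != 0x00 && byte != 0x7f {
            return None;
        }
        result |= i64::from(byte & 0x7f) << shift;
        shift += 7;
        if (byte & 0x80) == 0 {
            // Last byte: sign-extend from bit 6 if bits remain above it.
            if shift < 64 && (byte & 0x40) != 0 {
                result |= -1i64 << shift;
            }
            return Some((result, i + 1));
        }
    }
    // Ran out of bytes while the continuation bit was still set.
    None
}

fn main() {
    // Constructed sample inputs, not taken from a real Mach-O file.
    let samples: [&[u8]; 5] = [
        &[0x7e],             // -2
        &[0x80, 0x7f, 0xaa], // -128, one trailing byte left unread
        &[0x80],             // truncated
        &[0x80; 11],         // over-long
        &[],                 // empty
    ];
    for s in samples.iter() {
        println!("{:02x?} -> {:?}", s, sleb128(s));
    }
}
```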