Closed vthib closed 7 months ago
Global rules with string matches do not seem to behave properly anymore, and even if they do not match, normal rules that match are returned.
Steps to reproduce the behavior:
with this file:
global rule g1 { strings: $ = "g1" condition: all of them } rule foo { strings: $ = "foo" condition: all of them }
and an input foo, the foo rule is reported as matching, but should not, since the global rule did not match.
foo
yara 4.3.1 does not have the bug, not does yara 4.4.0, but master has it.
Bisecting seems to indicate this commit introduced the regression: https://github.com/VirusTotal/yara/commit/b26b00019f851f66bbd34e069adc53c31a38852a
Global rules with string matches do not seem to behave properly anymore, and even if they do not match, normal rules that match are returned.
Steps to reproduce the behavior:
with this file:
and an input
foo, thefoorule is reported as matching, but should not, since the global rule did not match.yara 4.3.1 does not have the bug, not does yara 4.4.0, but master has it.
Bisecting seems to indicate this commit introduced the regression: https://github.com/VirusTotal/yara/commit/b26b00019f851f66bbd34e069adc53c31a38852a