mandiant / GoReSym

Go symbol recovery tool
MIT License

GoReSym binary is linked with libyara.so.10 on Linux #23

Closed xusheng6 closed 11 months ago

xusheng6 commented 1 year ago

When I tried to run it on Ubuntu 22.04, I got an error message that libyara.so.10 is missing. I installed libyara-dev with apt, but it did not fix the problem, since the one that comes is libyara.so.8. Manually building libyara following this guide https://yara.readthedocs.io/en/stable/gettingstarted.html generates a libyara.so.10 and it works fine.

Does GoReSym actually require the latest features of yara? Could it be built with an earlier version of it so that it runs out of the box on Ubuntu? Or, since yara comes with a quite permissive license (https://github.com/VirusTotal/yara/blob/master/COPYING), could GoReSym statically link with libyara.so.10?

stevemk14ebr commented 1 year ago

We use very basic yara features just to do signature scanning, so it's fine to link any version if it's compatible with go-yara. I did attempt to statically link, though if you're seeing issues I guess I've done it wrong:

https://github.com/mandiant/GoReSym/blob/95f27bbcd672d8189e350bee04d44e8fca06cb96/build_all.sh#L22-L23

xusheng6 commented 1 year ago

> We use very basic yara features just to do signature scanning, so it's fine to link any version if it's compatible with go-yara. I did attempt to statically link, though if you're seeing issues I guess I've done it wrong:
>
> https://github.com/mandiant/GoReSym/blob/95f27bbcd672d8189e350bee04d44e8fca06cb96/build_all.sh#L22-L23

Yeah, libyara is not statically linked.

stevemk14ebr commented 11 months ago

Do you have any suggestions on how to correctly statically link the library?

Maybe related to this https://github.com/hillu/go-yara/issues/40
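
A way to check a built binary for the symptom reported in this thread, added here as an example and not part of the thread or of GoReSym: it reads the ELF dynamic section and lists any `DT_NEEDED` entry that names a shared libyara. It assumes a 64-bit little-endian ELF; the function names are this example's own.

```python
import struct, sys

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_NEEDED, DT_STRTAB = 0, 1, 5

def needed_libraries(data):
    """Return the DT_NEEDED sonames of a 64-bit little-endian ELF image."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a 64-bit little-endian ELF")
    (phoff,) = struct.unpack_from("<Q", data, 0x20)
    phentsize, phnum = struct.unpack_from("<HH", data, 0x36)
    loads, dyn = [], None
    for i in range(phnum):
        p_type, _, off, vaddr, _, filesz = struct.unpack_from(
            "<IIQQQQ", data, phoff + i * phentsize)
        if p_type == PT_LOAD:
            loads.append((vaddr, off, filesz))
        elif p_type == PT_DYNAMIC:
            dyn = (off, filesz)
    if dyn is None:
        return []  # no PT_DYNAMIC segment: nothing is resolved at load time
    name_offsets, strtab = [], None
    for pos in range(dyn[0], dyn[0] + dyn[1], 16):
        tag, val = struct.unpack_from("<qQ", data, pos)
        if tag == DT_NULL:
            break
        if tag == DT_NEEDED:
            name_offsets.append(val)
        elif tag == DT_STRTAB:
            strtab = val  # virtual address, mapped to a file offset below
    if not name_offsets:
        return []
    base = next((o + strtab - v for v, o, n in loads
                 if strtab is not None and v <= strtab < v + n), None)
    if base is None:
        raise ValueError("DT_STRTAB is not inside any PT_LOAD segment")
    return [data[base + n:data.index(b"\0", base + n)].decode()
            for n in name_offsets]

def yara_dependencies(data):
    """Sonames that make the binary depend on a system libyara."""
    return [s for s in needed_libraries(data) if s.startswith("libyara.so")]

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        hits = yara_dependencies(fh.read())
    print("dynamic libyara:", hits or "none (static or absent)")
    sys.exit(1 if hits else 0)
```

Run it with the path of the built binary as the only argument; a non-zero exit status means the binary still expects a shared libyara on the target system.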