Merge branch 'VirusTotal:main' into macho-linker-options

.github/workflows/python.yaml

@@ -14,7 +14,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12" ]
+        python-version: [ "3.9", "3.10", "3.11", "3.12" ]
         os: [ ubuntu-latest, macos-latest, windows-latest ]
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/release.yaml

@@ -3,6 +3,8 @@ on:
   create:
     tags:
     - 'v*'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
 jobs:
   build:
     if: ${{ startsWith(github.ref, 'refs/tags/v') }}
@@ -98,7 +100,6 @@ jobs:
       matrix:
         python-version:
         - cp39
-        - pp38
         - pp39
         - pp310
         build:
@@ -138,7 +139,7 @@ jobs:
     - name: Install Python
       uses: actions/setup-python@v5
       with:
-        python-version: '3.9'
+        python-version: '3.12'
 
     - run: rustup target add aarch64-apple-darwin x86_64-apple-darwin
       if: matrix.build == 'macos'
@@ -149,12 +150,13 @@ jobs:
     - name: Build sdist
       if: matrix.build == 'linux' && matrix.python-version == 'cp39'
       run: |
-        pip install maturin==1.7.1
+        pip install maturin==1.7.4
         maturin sdist --manifest-path py/Cargo.toml -o wheelhouse
 
     - name: Build ${{ matrix.platform || matrix.os }} binaries
       run: cibuildwheel --output-dir wheelhouse py
       env:
+        CIBW_ENABLE: 'pypy'
         CIBW_BUILD: '${{ matrix.python-version }}-*'
         # wasmtime doesn't support i686
         CIBW_SKIP: '*_i686 *-musllinux* *-win32'
@@ -173,6 +175,8 @@ jobs:
         CIBW_TEST_SKIP: '*-macosx_arm64 *-macosx_universal2:arm64'
         CIBW_BUILD_VERBOSITY: 1
 
+        MACOSX_DEPLOYMENT_TARGET: '10.12'
+
     - name: Upload artifacts
       uses: actions/upload-artifact@v4
       with:
@@ -244,7 +248,7 @@ jobs:
         path: dist
 
     - name: Publish package distributions to PyPI
-      uses: pypa/gh-action-pypi-publish@release/v1
+      uses: pypa/gh-action-pypi-publish@release/v1.12
       with:
         #repository-url: https://test.pypi.org/legacy/
         skip-existing: true

Cargo.toml

@@ -1,5 +1,5 @@
 [workspace.package]
-version = "0.10.0"
+version = "0.11.1"
 authors = ["Victor M. Alvarez <[email protected]>"]
 edition = "2021"
 homepage = "https://virustotal.github.io/yara-x"
@@ -89,8 +89,8 @@ regex-automata = "0.4.7"
 roxmltree = "0.20.0"
 rsa = "0.9.6"
 rustc-hash = "2.0.0"
-serde = "=1.0.210"
-serde_json = "1.0.132"
+serde = "1.0.215"
+serde_json = "1.0.133"
 sha1 = "0.10.6"
 sha2 = "0.10.8"
 smallvec = "1.13.2"
@@ -105,11 +105,11 @@ x509-parser = "0.16.0"
 yaml-rust = "0.4.5"
 yansi = "1.0.1"
 yara-x = { path = "lib" }
-yara-x-fmt = { path = "fmt", version = "0.10.0" }
-yara-x-macros = { path = "macros", version = "0.10.0" }
-yara-x-parser = { path = "parser", version = "0.10.0" }
-yara-x-proto = { path = "proto", version = "0.10.0" }
-yara-x-proto-yaml = { path = "proto-yaml", version = "0.10.0" }
+yara-x-fmt = { path = "fmt", version = "0.11.1" }
+yara-x-macros = { path = "macros", version = "0.11.1" }
+yara-x-parser = { path = "parser", version = "0.11.1" }
+yara-x-proto = { path = "proto", version = "0.11.1" }
+yara-x-proto-yaml = { path = "proto-yaml", version = "0.11.1" }
 zip = "2.1.1"
 
 # Special profile that builds a release binary with link-time optimization.

capi/Cargo.toml

@@ -12,7 +12,7 @@ homepage.workspace = true
 
 [features]
 # The `capi` feature is required by `cargo-c`.
-default = ["capi", "rules-profiling"]
+default = ["capi"]
 capi = []
 
 # When enabled, the serialization of compiled rules include native code for
@@ -29,7 +29,7 @@ native-code-serialization = ["yara-x/native-code-serialization"]
 
 # Enables rules profiling.
 #
-# This feature is enabled by default.
+# This feature is disabled by default.
 rules-profiling = ["yara-x/rules-profiling"]
 
 

capi/include/yara_x.h

@@ -80,6 +80,9 @@ typedef enum YRX_RESULT {
   SERIALIZATION_ERROR,
   // An error returned when a rule doesn't have any metadata.
   NO_METADATA,
+  // An error returned in cases where some API is not supported because the
+  // library was not built with the required features.
+  NOT_SUPPORTED,
 } YRX_RESULT;
 
 // A compiler that takes YARA source code and produces compiled rules.
@@ -708,7 +711,7 @@ enum YRX_RESULT yrx_scanner_set_global_float(struct YRX_SCANNER *scanner,
 // Iterates over the top N most expensive rules, calling the callback for
 // each rule.
 //
-// Requires the `rules-profiling` feature.
+// Requires the `rules-profiling` feature, otherwise the
 //
 // See [`YRX_MOST_EXPENSIVE_RULES_CALLBACK`] for more details.
 enum YRX_RESULT yrx_scanner_iter_most_expensive_rules(struct YRX_SCANNER *scanner,

capi/src/lib.rs

@@ -152,6 +152,9 @@ pub enum YRX_RESULT {
     SERIALIZATION_ERROR,
     /// An error returned when a rule doesn't have any metadata.
     NO_METADATA,
+    /// An error returned in cases where some API is not supported because the
+    /// library was not built with the required features.
+    NOT_SUPPORTED,
 }
 
 /// Returns the error message for the most recent function in this API

capi/src/scanner.rs

@@ -61,11 +61,11 @@ pub unsafe extern "C" fn yrx_scanner_set_timeout(
     scanner: *mut YRX_SCANNER,
     timeout: u64,
 ) -> YRX_RESULT {
-    if scanner.is_null() {
-        return YRX_RESULT::INVALID_ARGUMENT;
-    }
+    let scanner = match scanner.as_mut() {
+        Some(s) => s,
+        None => return YRX_RESULT::INVALID_ARGUMENT,
+    };
 
-    let scanner = scanner.as_mut().unwrap();
     scanner.inner.set_timeout(Duration::from_secs(timeout));
 
     YRX_RESULT::SUCCESS
@@ -84,16 +84,16 @@ pub unsafe extern "C" fn yrx_scanner_scan(
 ) -> YRX_RESULT {
     _yrx_set_last_error::<ScanError>(None);
 
-    if scanner.is_null() {
-        return YRX_RESULT::INVALID_ARGUMENT;
-    }
+    let scanner = match scanner.as_mut() {
+        Some(s) => s,
+        None => return YRX_RESULT::INVALID_ARGUMENT,
+    };
 
     let data = match slice_from_ptr_and_len(data, len) {
         Some(data) => data,
         None => return YRX_RESULT::INVALID_ARGUMENT,
     };
 
-    let scanner = scanner.as_mut().unwrap();
     let scan_results = scanner.inner.scan(data);
 
     if let Err(err) = scan_results {
@@ -178,9 +178,10 @@ pub unsafe extern "C" fn yrx_scanner_set_module_output(
     data: *const u8,
     len: usize,
 ) -> YRX_RESULT {
-    if scanner.is_null() {
-        return YRX_RESULT::INVALID_ARGUMENT;
-    }
+    let scanner = match scanner.as_mut() {
+        Some(s) => s,
+        None => return YRX_RESULT::INVALID_ARGUMENT,
+    };
 
     let module_name = match CStr::from_ptr(name).to_str() {
         Ok(name) => name,
@@ -195,8 +196,6 @@ pub unsafe extern "C" fn yrx_scanner_set_module_output(
         None => return YRX_RESULT::INVALID_ARGUMENT,
     };
 
-    let scanner = scanner.as_mut().unwrap();
-
     match scanner.inner.set_module_output_raw(module_name, data) {
         Ok(_) => {
             _yrx_set_last_error::<ScanError>(None);
@@ -216,9 +215,10 @@ unsafe extern "C" fn yrx_scanner_set_global<
     ident: *const c_char,
     value: T,
 ) -> YRX_RESULT {
-    if scanner.is_null() {
-        return YRX_RESULT::INVALID_ARGUMENT;
-    }
+    let scanner = match scanner.as_mut() {
+        Some(s) => s,
+        None => return YRX_RESULT::INVALID_ARGUMENT,
+    };
 
     let ident = match CStr::from_ptr(ident).to_str() {
         Ok(ident) => ident,
@@ -228,8 +228,6 @@ unsafe extern "C" fn yrx_scanner_set_global<
         }
     };
 
-    let scanner = scanner.as_mut().unwrap();
-
     match scanner.inner.set_global(ident, value) {
         Ok(_) => {
             _yrx_set_last_error::<ScanError>(None);
@@ -327,35 +325,40 @@ pub type YRX_MOST_EXPENSIVE_RULES_CALLBACK = extern "C" fn(
 /// Iterates over the top N most expensive rules, calling the callback for
 /// each rule.
 ///
-/// Requires the `rules-profiling` feature.
+/// Requires the `rules-profiling` feature, otherwise the
 ///
 /// See [`YRX_MOST_EXPENSIVE_RULES_CALLBACK`] for more details.
-#[cfg(feature = "rules-profiling")]
 #[no_mangle]
+#[allow(unused_variables)]
 pub unsafe extern "C" fn yrx_scanner_iter_most_expensive_rules(
     scanner: *mut YRX_SCANNER,
     n: usize,
     callback: YRX_MOST_EXPENSIVE_RULES_CALLBACK,
     user_data: *mut c_void,
 ) -> YRX_RESULT {
-    if scanner.is_null() {
-        return YRX_RESULT::INVALID_ARGUMENT;
-    }
-
-    let scanner = scanner.as_ref().unwrap();
+    #[cfg(not(feature = "rules-profiling"))]
+    return YRX_RESULT::NOT_SUPPORTED;
+
+    #[cfg(feature = "rules-profiling")]
+    {
+        let scanner = match scanner.as_ref() {
+            Some(s) => s,
+            None => return YRX_RESULT::INVALID_ARGUMENT,
+        };
 
-    for profiling_info in scanner.inner.most_expensive_rules(n) {
-        let namespace = CString::new(profiling_info.namespace).unwrap();
-        let rule = CString::new(profiling_info.rule).unwrap();
+        for profiling_info in scanner.inner.most_expensive_rules(n) {
+            let namespace = CString::new(profiling_info.namespace).unwrap();
+            let rule = CString::new(profiling_info.rule).unwrap();
+
+            callback(
+                namespace.as_ptr(),
+                rule.as_ptr(),
+                profiling_info.pattern_matching_time.as_secs_f64(),
+                profiling_info.condition_exec_time.as_secs_f64(),
+                user_data,
+            );
+        }
 
-        callback(
-            namespace.as_ptr(),
-            rule.as_ptr(),
-            profiling_info.pattern_matching_time.as_secs_f64(),
-            profiling_info.condition_exec_time.as_secs_f64(),
-            user_data,
-        );
+        YRX_RESULT::SUCCESS
     }
-
-    YRX_RESULT::SUCCESS
 }