yarascanner/main.go

package main

import (
	"encoding/json"
	"github.com/go-chi/chi"
	"github.com/hillu/go-yara/v4"
	"github.com/package-url/packageurl-go"
	log "github.com/sirupsen/logrus"
	"github.com/spf13/viper"
	"io"
	"net/http"
	"os"
	"os/signal"
	"runtime"
	"strings"
	"sync"
	"sync/atomic"
	"syscall"
	"time"
)

type callbackFunc func(yara.MatchRules, error)

type Job struct {
	Data     io.ReadCloser
	Callback callbackFunc
}

var (
	client *http.Client

	jobChan = make(chan *Job)

	jobCount      int64
	detectedCount int64
)

type statsResponse struct {
	Processed int64 `json:"jobsProcessed"`
	Detected  int64 `json:"detectionCount""`
}

type response struct {
	Success      bool            `json:"success"`
	Error        error           `json:"error,omitempty"`
	MatchedRules yara.MatchRules `json:"rules,omitempty"`
}

type multiResponse struct {
	Success bool                       `json:"success"`
	Files   map[string]yara.MatchRules `json:"files,omitempty"`
}

func main() {
	viper.SetDefault("threads", runtime.NumCPU())
	viper.SetDefault("rules", "pkg:github/Neo23x0/signature-base#yara")
	viper.SetDefault("bind", ":8080")

	viper.AutomaticEnv()

	client = &http.Client{
		Timeout: 15 * time.Second,
	}

	c, err := yara.NewCompiler()

	if err != nil {
		log.WithError(err).Fatal("Unable to setup new compiler")
	}

	c.DefineVariable("filename", "")
	c.DefineVariable("filepath", "")
	c.DefineVariable("extension", "")
	c.DefineVariable("filetype", "")

	log.Info("Loading rules")

	loadRules(c)

	rules, err := c.GetRules()

	if err != nil {
		log.WithError(err).Fatal("Unable to compile rules")
	}

	threads := viper.GetInt("threads")

	log.WithField("workers", threads).Info("Starting workers")

	for i := 0; i < threads; i++ {
		go worker(rules)
	}

	r := chi.NewRouter()

	r.Get("/stats", statsHandler)
	r.Post("/scan", scanHandler)

	bind := viper.GetString("bind")

	log.WithField("bind", bind).Info("Binding to address")

	go http.ListenAndServe(bind, r)

	ch := make(chan os.Signal)

	signal.Notify(ch, syscall.SIGKILL, syscall.SIGTERM, syscall.SIGINT)

	<-ch
}

func statsHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(statsResponse{Processed: atomic.LoadInt64(&jobCount), Detected: atomic.LoadInt64(&detectedCount)})
}

// HTTP handler for scanning files
func scanHandler(w http.ResponseWriter, r *http.Request) {
	contentType := r.Header.Get("Content-Type")

	if idx := strings.Index(contentType, ";"); idx != -1 {
		contentType = contentType[0:idx]
	}

	var res interface{}

	wg := &sync.WaitGroup{}

	switch contentType {
	case "multipart/form-data":
		if r.MultipartForm == nil {
			r.ParseMultipartForm(32 << 20)
		}

		log.WithField("contentType", contentType).Debug("Adding files from multipart form as jobs")

		fileCount := 0

		response := multiResponse{
			Success: true,
			Files:   make(map[string]yara.MatchRules),
		}

		fileLock := &sync.Mutex{}

		for _, files := range r.MultipartForm.File {
			// Append files
			for _, file := range files {
				wg.Add(1)

				fileCount++

				f, err := file.Open()

				if err != nil {
					continue
				}

				job := &Job{
					Data: f,
					Callback: func(m yara.MatchRules, err error) {
						fileLock.Lock()
						response.Files[file.Filename] = m
						fileLock.Unlock()

						wg.Done()
					},
				}

				jobChan <- job
			}
		}

		log.WithField("count", fileCount).Debug("Waiting for jobs to finish")

		wg.Wait()

		log.WithField("matches", res).Debug("Matched rules")

		res = response
	default:
		wg.Add(1)

		job := &Job{
			Data: r.Body,
			Callback: func(m yara.MatchRules, err error) {
				log.WithField("match", m).Debug("Matched rules")

				if err != nil {
					res = response{Success: false, Error: err}
				} else {
					res = response{Success: true, MatchedRules: m}
				}

				if err != nil {
					log.WithError(err).Error("Unable to send response")
				}

				wg.Done()
			},
		}

		log.WithField("contentType", contentType).Debug("Scanning contents of body")

		jobChan <- job
	}

	wg.Wait()

	w.Header().Set("Content-Type", "application/json")

	err := json.NewEncoder(w).Encode(res)

	if err != nil {
		log.WithError(err).Error("Unable to send response")
	}
}

// Load rules from the rules configuration option
func loadRules(c *yara.Compiler) {
	rulePaths := strings.Split(viper.GetString("rules"), ",")

	for _, p := range rulePaths {
		log.WithField("package", p).Info("Loading rules from package")

		instance, err := packageurl.FromString(p)

		if err != nil {
			log.WithFields(log.Fields{
				"error":   err,
				"package": p,
			}).Fatalln("Invalid rule URL")
		}

		switch instance.Type {
		case "git", "bitbucket", "github", "gitlab":
			err = loadRulesFromGit(instance, c)
		case "http", "https":
			err = loadRulesFromHttp(instance, c)
		}

		if err != nil {
			log.WithFields(log.Fields{
				"error":   err,
				"package": p,
			}).Fatalln("Unable to load rules")
		}
	}
}

// Load rules from http(s)
// TODO: Support archive files alongside standard yar files
func loadRulesFromHttp(pkg packageurl.PackageURL, c *yara.Compiler) error {
	res, err := client.Get(pkg.Type + "://" + pkg.Namespace + "/" + pkg.Name)

	if err != nil {
		return err
	}

	defer res.Body.Close()

	b, err := io.ReadAll(res.Body)

	if err != nil {
		return err
	}

	return c.AddString(string(b), "")
}

// A worker routine. Creates a new scanner instance and pulls jobs.
func worker(rules *yara.Rules) {
	s, err := yara.NewScanner(rules)

	if err != nil {
		panic(err)
	}

	for {
		job := <-jobChan

		log.Debug("Processing job")

		processJob(s, job)
	}
}

func processJob(s *yara.Scanner, job *Job) {
	m := make(yara.MatchRules, 0)

	atomic.AddInt64(&jobCount, 1)

	defer job.Data.Close()

	b, err := io.ReadAll(job.Data)

	if err != nil {
		job.Callback(nil, err)
		return
	}

	err = s.SetCallback(&m).ScanMem(b)

	if err != nil {
		job.Callback(nil, err)
		return
	}

	if len(m) > 0 {
		atomic.AddInt64(&detectedCount, 1)
	}

	job.Callback(m, nil)
}
first commit 2021-02-25 02:46:02 +00:00			`package main`

			`import (`
			`"encoding/json"`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`"github.com/go-chi/chi"`
Use Yara 4.0.5, update api 2021-02-25 03:00:39 +00:00			`"github.com/hillu/go-yara/v4"`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`"github.com/package-url/packageurl-go"`
first commit 2021-02-25 02:46:02 +00:00			`log "github.com/sirupsen/logrus"`
			`"github.com/spf13/viper"`
			`"io"`
			`"net/http"`
			`"os"`
			`"os/signal"`
			`"runtime"`
			`"strings"`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`"sync"`
Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`"sync/atomic"`
first commit 2021-02-25 02:46:02 +00:00			`"syscall"`
			`"time"`
			`)`

Update responses to use slice instead of pointer 2021-03-08 02:32:42 +00:00			`type callbackFunc func(yara.MatchRules, error)`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00
first commit 2021-02-25 02:46:02 +00:00			`type Job struct {`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`Data io.ReadCloser`
			`Callback callbackFunc`
first commit 2021-02-25 02:46:02 +00:00			`}`

			`var (`
			`client *http.Client`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00
			`jobChan = make(chan *Job)`
Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00
			`jobCount int64`
			`detectedCount int64`
first commit 2021-02-25 02:46:02 +00:00			`)`

Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`type statsResponse struct {`
			Processed int64 `json:"jobsProcessed"`
			Detected int64 `json:"detectionCount""`
			`}`

Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`type response struct {`
			Success bool `json:"success"`
Add error to json response 2021-03-08 02:27:47 +00:00			Error error `json:"error,omitempty"`
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			MatchedRules yara.MatchRules `json:"rules,omitempty"`
			`}`

			`type multiResponse struct {`
			Success bool `json:"success"`
			Files map[string]yara.MatchRules `json:"files,omitempty"`
			`}`

first commit 2021-02-25 02:46:02 +00:00			`func main() {`
			`viper.SetDefault("threads", runtime.NumCPU())`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`viper.SetDefault("rules", "pkg:github/Neo23x0/signature-base#yara")`
Add bind debug 2021-03-07 05:03:48 +00:00			`viper.SetDefault("bind", ":8080")`
first commit 2021-02-25 02:46:02 +00:00
			`viper.AutomaticEnv()`

			`client = &http.Client{`
			`Timeout: 15 * time.Second,`
			`}`

			`c, err := yara.NewCompiler()`

			`if err != nil {`
			`log.WithError(err).Fatal("Unable to setup new compiler")`
			`}`

Add other variables for empty settings 2021-03-07 04:48:25 +00:00			`c.DefineVariable("filename", "")`
Define filepath as empty string 2021-03-07 04:47:15 +00:00			`c.DefineVariable("filepath", "")`
Add other variables for empty settings 2021-03-07 04:48:25 +00:00			`c.DefineVariable("extension", "")`
			`c.DefineVariable("filetype", "")`
Define filepath as empty string 2021-03-07 04:47:15 +00:00
Additional messages for debugging 2021-03-07 04:52:50 +00:00			`log.Info("Loading rules")`

first commit 2021-02-25 02:46:02 +00:00			`loadRules(c)`

			`rules, err := c.GetRules()`

			`if err != nil {`
			`log.WithError(err).Fatal("Unable to compile rules")`
			`}`

			`threads := viper.GetInt("threads")`

			`log.WithField("workers", threads).Info("Starting workers")`

			`for i := 0; i < threads; i++ {`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`go worker(rules)`
first commit 2021-02-25 02:46:02 +00:00			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`r := chi.NewRouter()`
first commit 2021-02-25 02:46:02 +00:00
Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`r.Get("/stats", statsHandler)`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`r.Post("/scan", scanHandler)`
first commit 2021-02-25 02:46:02 +00:00
Add bind debug 2021-03-07 05:03:48 +00:00			`bind := viper.GetString("bind")`

			`log.WithField("bind", bind).Info("Binding to address")`

			`go http.ListenAndServe(bind, r)`
first commit 2021-02-25 02:46:02 +00:00
			`ch := make(chan os.Signal)`

			`signal.Notify(ch, syscall.SIGKILL, syscall.SIGTERM, syscall.SIGINT)`

Use Yara 4.0.5, update api 2021-02-25 03:00:39 +00:00			`<-ch`
first commit 2021-02-25 02:46:02 +00:00			`}`

Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`func statsHandler(w http.ResponseWriter, r *http.Request) {`
			`w.Header().Set("Content-Type", "application/json")`
			`json.NewEncoder(w).Encode(statsResponse{Processed: atomic.LoadInt64(&jobCount), Detected: atomic.LoadInt64(&detectedCount)})`
			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`// HTTP handler for scanning files`
			`func scanHandler(w http.ResponseWriter, r *http.Request) {`
			`contentType := r.Header.Get("Content-Type")`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if idx := strings.Index(contentType, ";"); idx != -1 {`
			`contentType = contentType[0:idx]`
			`}`
first commit 2021-02-25 02:46:02 +00:00
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`var res interface{}`

			`wg := &sync.WaitGroup{}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`switch contentType {`
			`case "multipart/form-data":`
			`if r.MultipartForm == nil {`
			`r.ParseMultipartForm(32 << 20)`
first commit 2021-02-25 02:46:02 +00:00			`}`

Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`log.WithField("contentType", contentType).Debug("Adding files from multipart form as jobs")`
Ensure callback is called 2021-03-07 05:18:28 +00:00
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`fileCount := 0`
Ensure callback is called 2021-03-07 05:18:28 +00:00
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`response := multiResponse{`
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`Success: true,`
			`Files: make(map[string]yara.MatchRules),`
first commit 2021-02-25 02:46:02 +00:00			`}`

Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`fileLock := &sync.Mutex{}`
More debugging! 2021-03-07 05:02:55 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`for _, files := range r.MultipartForm.File {`
			`// Append files`
			`for _, file := range files {`
			`wg.Add(1)`
first commit 2021-02-25 02:46:02 +00:00
More debugging! 2021-03-07 05:02:55 +00:00			`fileCount++`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`f, err := file.Open()`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if err != nil {`
			`continue`
			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`job := &Job{`
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`Data: f,`
Update responses to use slice instead of pointer 2021-03-08 02:32:42 +00:00			`Callback: func(m yara.MatchRules, err error) {`
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`fileLock.Lock()`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`response.Files[file.Filename] = m`
Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`fileLock.Unlock()`

			`wg.Done()`
			`},`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`jobChan <- job`
			`}`
first commit 2021-02-25 02:46:02 +00:00			`}`

More debugging! 2021-03-07 05:02:55 +00:00			`log.WithField("count", fileCount).Debug("Waiting for jobs to finish")`

Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`wg.Wait()`

Add success field, matched rules output 2021-03-08 02:26:57 +00:00			`log.WithField("matches", res).Debug("Matched rules")`
Output error from encoding 2021-03-08 02:44:10 +00:00
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`res = response`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`default:`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`wg.Add(1)`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`job := &Job{`
			`Data: r.Body,`
Update responses to use slice instead of pointer 2021-03-08 02:32:42 +00:00			`Callback: func(m yara.MatchRules, err error) {`
Ensure callback is called 2021-03-07 05:18:28 +00:00			`log.WithField("match", m).Debug("Matched rules")`

			`if err != nil {`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`res = response{Success: false, Error: err}`
Ensure callback is called 2021-03-07 05:18:28 +00:00			`} else {`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`res = response{Success: true, MatchedRules: m}`
Output error from encoding 2021-03-08 02:44:10 +00:00			`}`

			`if err != nil {`
			`log.WithError(err).Error("Unable to send response")`
Ensure callback is called 2021-03-07 05:18:28 +00:00			`}`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00
			`wg.Done()`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`},`
			`}`
first commit 2021-02-25 02:46:02 +00:00
More debugging! 2021-03-07 05:02:55 +00:00			`log.WithField("contentType", contentType).Debug("Scanning contents of body")`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`jobChan <- job`
first commit 2021-02-25 02:46:02 +00:00			`}`
Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00
			`wg.Wait()`

Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`w.Header().Set("Content-Type", "application/json")`

Properly hold handler until jobs done 2021-03-08 02:48:22 +00:00			`err := json.NewEncoder(w).Encode(res)`

			`if err != nil {`
			`log.WithError(err).Error("Unable to send response")`
			`}`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`// Load rules from the rules configuration option`
			`func loadRules(c *yara.Compiler) {`
			`rulePaths := strings.Split(viper.GetString("rules"), ",")`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`for _, p := range rulePaths {`
Additional messages for debugging 2021-03-07 04:52:50 +00:00			`log.WithField("package", p).Info("Loading rules from package")`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`instance, err := packageurl.FromString(p)`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if err != nil {`
			`log.WithFields(log.Fields{`
			`"error": err,`
			`"package": p,`
			`}).Fatalln("Invalid rule URL")`
			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`switch instance.Type {`
			`case "git", "bitbucket", "github", "gitlab":`
			`err = loadRulesFromGit(instance, c)`
			`case "http", "https":`
			`err = loadRulesFromHttp(instance, c)`
			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if err != nil {`
			`log.WithFields(log.Fields{`
			`"error": err,`
			`"package": p,`
			`}).Fatalln("Unable to load rules")`
			`}`
first commit 2021-02-25 02:46:02 +00:00			`}`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`}`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`// Load rules from http(s)`
			`// TODO: Support archive files alongside standard yar files`
			`func loadRulesFromHttp(pkg packageurl.PackageURL, c *yara.Compiler) error {`
Combine namespace 2021-03-09 04:18:19 +00:00			`res, err := client.Get(pkg.Type + "://" + pkg.Namespace + "/" + pkg.Name)`
first commit 2021-02-25 02:46:02 +00:00
			`if err != nil {`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`return err`
first commit 2021-02-25 02:46:02 +00:00			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`defer res.Body.Close()`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`b, err := io.ReadAll(res.Body)`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if err != nil {`
			`return err`
first commit 2021-02-25 02:46:02 +00:00			`}`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00
			`return c.AddString(string(b), "")`
first commit 2021-02-25 02:46:02 +00:00			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`// A worker routine. Creates a new scanner instance and pulls jobs.`
			`func worker(rules *yara.Rules) {`
first commit 2021-02-25 02:46:02 +00:00			`s, err := yara.NewScanner(rules)`

			`if err != nil {`
			`panic(err)`
			`}`

			`for {`
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`job := <-jobChan`
first commit 2021-02-25 02:46:02 +00:00
More debugging! 2021-03-07 05:02:55 +00:00			`log.Debug("Processing job")`

first commit 2021-02-25 02:46:02 +00:00			`processJob(s, job)`
			`}`
			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`func processJob(s yara.Scanner, job Job) {`
Update responses to use slice instead of pointer 2021-03-08 02:32:42 +00:00			`m := make(yara.MatchRules, 0)`
Use Yara 4.0.5, update api 2021-02-25 03:00:39 +00:00
Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`atomic.AddInt64(&jobCount, 1)`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`defer job.Data.Close()`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`b, err := io.ReadAll(job.Data)`
first commit 2021-02-25 02:46:02 +00:00
Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`if err != nil {`
Ensure callback is called 2021-03-07 05:18:28 +00:00			`job.Callback(nil, err)`
first commit 2021-02-25 02:46:02 +00:00			`return`
			`}`

Change to HTTP microservice, use proper git/etc for loading packages 2021-03-07 04:32:49 +00:00			`err = s.SetCallback(&m).ScanMem(b)`
first commit 2021-02-25 02:46:02 +00:00
			`if err != nil {`
Ensure callback is called 2021-03-07 05:18:28 +00:00			`job.Callback(nil, err)`
first commit 2021-02-25 02:46:02 +00:00			`return`
			`}`

Disable debug, add stats, set content type on responses 2021-03-08 06:11:43 +00:00			`if len(m) > 0 {`
			`atomic.AddInt64(&detectedCount, 1)`
			`}`

Update responses to use slice instead of pointer 2021-03-08 02:32:42 +00:00			`job.Callback(m, nil)`
Use Yara 4.0.5, update api 2021-02-25 03:00:39 +00:00			`}`