feat: YAML serializer #53
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This introduces the `yara-x-proto-yaml` crate, which has a minimalistic API that takes a protobuf message and produces a YAML representation of it.
The `map` type in a protobuf is internally represented by a `HashMap`, which doesn't guarantee that items are always iterated in the the same order. The order may vary between executions, even if the map's content is the same. This means that we are forced to sort the items in the map before serializing them to YAML.
|
Reworked implementation of: #50 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Dumping module for YARA-X. This module can be run by
yr dump <binary-file> <options>, where options are not required and can be one of:--modules/-m=<module>and--output-format/-o=<format>.Currently supported output formats are:
Supported modules are for now ELF, MACH-O, PE and LNK, other modules can be easily added in future.
This module takes binary file and dumps parsed information to STDOUT. Modules used for parsing can be either selected and forced by using
--modules/-m=<module>option or if left empty it is automatically. User can specify also multiple modules used for parsing and output of all modules will be shown. Format can be selected via--output-format/-o=<format>. If left emptyhuman-readable YAMLformat is automatically selected. This format is basically valid YAML with additional colors and comments. This format also supports additional integer representation which can be selected by protobuf field descriptor and is also described inModule Developer's Guide.md.Together with this I have also added parametrized tests for end2end testing and did a minor change in
machomodule, where dylib version was represented as an integer. It would make much more sense to have this as a string (last two digits represents patch version, previous two minor version and rest is major version number).Integer field representation descriptors were added only into
machomodule. I think module author should do both while developing the module so feel free to add it into other modules that produces output or change it in existing modules. Colors for different parts of message can be easily changed inColorsConfigstructure. Indentation is also specified with constant that can be changed. Right now I have selected 4 spaces as indentation to match the JSON output with both colors and indentation.