Skip to content

Commit

Permalink
feat: Implement -c
Browse files Browse the repository at this point in the history 
Implement the -c argument that prints the number of rules that matched for each
file.
  • Loading branch information
@wxsBSD
wxsBSD committed Aug 6, 2024
1 parent 8cb3b56 commit 7bdf75c
Showing 1 changed file with 24 additions and 1 deletion.
25 changes: 24 additions & 1 deletion cli/src/commands/scan.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,10 @@ pub fn scan() -> Command {
arg!(-g --"print-tags")
.help("Print rule tags")
)
.arg(
arg!(-c --"count")
.help("Print only number of matches")
)
.arg(
arg!(--"disable-console-logs")
.help("Disable printing console log messages")
Expand Down Expand Up @@ -155,6 +159,7 @@ pub fn exec_scan(args: &ArgMatches) -> anyhow::Result<()> {
let path_as_namespace = args.get_flag("path-as-namespace");
let skip_larger = args.get_one::<u64>("skip-larger");
let negate = args.get_flag("negate");
let count = args.get_flag("count");
let disable_console_logs = args.get_flag("disable-console-logs");
let scan_list = args.get_flag("scan-list");

Expand Down Expand Up @@ -298,7 +303,25 @@ pub fn exec_scan(args: &ArgMatches) -> anyhow::Result<()> {

let scan_results = scan_results?;

if negate {
if count {
// The behavior of original YARA is to ignore things like -n and
// -t when using -c so we are doing it here also.
let match_count = scan_results.matching_rules().len();
let line = format!(
"{}: {}",
&file_path.display().to_string(),
match_count
);
output.send(Message::Info(line)).unwrap();

// Update the total number of matching, so the "summary" is
// correct at the end of the run.
if match_count > 0 {
state
.num_matching_files
.fetch_add(match_count, Ordering::Relaxed);
}
} else if negate {
let mut matching_rules = scan_results.non_matching_rules();
if matching_rules.len() > 0 {
state.num_matching_files.fetch_add(1, Ordering::Relaxed);
Expand Down

0 comments on commit 7bdf75c

Please sign in to comment.