Last active
June 14, 2020 20:59
-
-
Save wesinator/eda62d75e8bd437267477a887406d0c8 to your computer and use it in GitHub Desktop.
Convert yara-python C interface objects to usable python dict data structure.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # reduces yara.Match object to dict | |
| # work around yara.Match pickling issue with multiprocessing | |
| # https://github.com/VirusTotal/yara-python/issues/84#issuecomment-562228512 | |
| # yara.Match also does not work with __dict__ or json, or else I would use that | |
| def yaraMatchesToDict(yara_matches): | |
| match_list = [] | |
| for item in yara_matches: | |
| # reproduce structure in https://yara.readthedocs.io/en/latest/yarapython.html#yara.Match | |
| # using accessible python dict data structure | |
| match = {'rule': None, 'namespace': None, 'tags': [], 'meta': {}, 'strings': []} | |
| match['rule'] = item.rule | |
| match['namespace'] = item.namespace | |
| match['tags'] = item.tags | |
| match['meta'] = item.meta | |
| match['strings'] = item.strings | |
| # Add match to new list | |
| match_list.append(match) | |
| return match_list |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment