From f3d3136a1717603dbd309cd131be8b63bf2998c3 Mon Sep 17 00:00:00 2001
From: Matteo Cafasso
Date: Tue, 25 Apr 2017 23:03:05 +0300
Subject: [PATCH] yara_scan: added API tests

Signed-off-by: Matteo Cafasso
---
 Makefile.am | 1 +
 configure.ac | 1 +
 tests/yara/Makefile.am | 26 +++++++++++++++
 tests/yara/test-yara-scan.sh | 61 ++++++++++++++++++++++++++++++++++++
 4 files changed, 89 insertions(+)
 create mode 100644 tests/yara/Makefile.am
 create mode 100755 tests/yara/test-yara-scan.sh

diff --git a/Makefile.am b/Makefile.am
index 6c072a1c1..209e3b511 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -86,6 +86,7 @@ SUBDIRS += tests/relative-paths
 SUBDIRS += tests/gdisk
 SUBDIRS += tests/regressions
 SUBDIRS += tests/tsk
+SUBDIRS += tests/yara
 endif
 
 # Common code used by the tools.
diff --git a/configure.ac b/configure.ac
index d47fe4878..da7653e42 100644
--- a/configure.ac
+++ b/configure.ac
@@ -296,6 +296,7 @@ AC_CONFIG_FILES([Makefile
 tests/tsk/Makefile
 tests/xfs/Makefile
 tests/xml/Makefile
+ tests/yara/Makefile
 tools/Makefile
 utils/boot-analysis/Makefile
 utils/boot-benchmark/Makefile
diff --git a/tests/yara/Makefile.am b/tests/yara/Makefile.am
new file mode 100644
index 000000000..e23d94e4c
--- /dev/null
+++ b/tests/yara/Makefile.am
@@ -0,0 +1,26 @@
+# libguestfs
+# Copyright (C) 2016 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+include $(top_srcdir)/subdir-rules.mk
+
+TESTS = \
+ test-yara-scan.sh
+
+TESTS_ENVIRONMENT = $(top_builddir)/run --test
+
+EXTRA_DIST = \
+ $(TESTS)
diff --git a/tests/yara/test-yara-scan.sh b/tests/yara/test-yara-scan.sh
new file mode 100755
index 000000000..521ef1d95
--- /dev/null
+++ b/tests/yara/test-yara-scan.sh
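Review bot: Nothing in this new tests/yara/Makefile.am removes `test-yara-rules.yar`, the scratch rule file the test script writes into the test directory (its `rm -f` and here-document are visible in the next file of the patch). Because the script runs under `set -e`, a failed scan would exit before any cleanup that may sit at the end of the script, which is outside the visible part, so the file can survive into `make clean` and `make distcheck`. Listing it for cleanup covers that: `CLEANFILES += test-yara-rules.yar`, or a plain `=` if subdir-rules.mk does not already define CLEANFILES.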
@@ -0,0 +1,61 @@
+#!/bin/bash -
+# libguestfs
+# Copyright (C) 2016 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test the yara_scan command.
+
+set -e
+
+$TEST_FUNCTIONS
+skip_if_skipped
+skip_unless_feature_available libyara
+skip_unless_phony_guest blank-fs.img
+
+rm -f test-yara-rules.yar
+
+/bin/cat << EOF > test-yara-rules.yar
+rule TestRule
+{
+ strings:
+ \$my_text_string = "some text"
+
+ condition:
+ \$my_text_string
+}
+EOF
+
+output=$(
+guestfish --ro -a ../../test-data/phony-guests/blank-fs.img <