On 2018-11-19 at 08:02 -0800, dmw wrote: > Some additional info - I reran the ./configure script as ./configure > --with-pic --enable-crypto --enable-dotnet --enable-magic > --enable-cuckoo --with-crypto to include "--with-pic". Yara, of > course compiled, but when attempting to link libyara.a using the given > makefile, additional errors were produced. A snapshot of those errors, > below seems to indicate basic c standard library are no longer > locatable in the libyara object files.
That configure command worked for me under Linux. > wget https://github.com/VirusTotal/yara/archive/v3.8.1.tar.gz > tar -xvf v3.8.1.tar.gz > cd yara-3.8.1/ > ./configure script as ./configure --with-pic --enable-crypto --enable-dotnet > --enable-magic --enable-cuckoo --with-crypt > ./bootstrap.sh > ./configure --with-pic --enable-crypto --enable-dotnet --enable-magic > --enable-cuckoo --with-crypto > make It complained that --enable-crypto was an unrecognized option, though. Given the error messages, it looks as if you were not linking to the C library (you describe it as being "no longer locatable in the libyara object files", but actually it's that libyara requires linking to libc, but the final executable is not). As you wan tot run it in an enclave, the issue is probably that you don't have the standard library available there. I don't know why you are trying to run yara in an enclave. As the piece that requires the stdio is the lexer, I would suggest splitting the yara part in two pieces, parsing the yara rule in "userland", passing that and doing just the actual matching in the enclave. Kind regards > -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
