Cleaned up the test code

2025-07-15 01:07:42 +00:00 · 2020-10-28 14:28:45 -04:00 · 2020-10-28 14:28:45 -04:00 · 1bbfc0b4f5
commit 1bbfc0b4f5
parent 7a0054f9a9
3 changed files with 51 additions and 15 deletions
--- a/Tools/yara/YaraWrapperTest/resources/hello.compiled
+++ b/Tools/yara/YaraWrapperTest/resources/hello.compiled
--- a/Tools/yara/YaraWrapperTest/resources/hello.txt
+++ b/Tools/yara/YaraWrapperTest/resources/hello.txt
@ -0,0 +1 @@
+Hello World
--- a/Tools/yara/YaraWrapperTest/src/org/sleuthkit/autopsy/yara/YaraWrapperTest.java
+++ b/Tools/yara/YaraWrapperTest/src/org/sleuthkit/autopsy/yara/YaraWrapperTest.java
@ -1,7 +1,20 @@
 /*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
+ * Autopsy Forensic Browser
+ *
+ * Copyright 2020 Basis Technology Corp.
+ * Contact: carrier <at> sleuthkit <dot> org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
 */
 package org.sleuthkit.autopsy.yara;

@ -14,28 +27,50 @@ import java.util.List;
 import org.sleuthkit.autopsy.yara.YaraJNIWrapper;
 import org.sleuthkit.autopsy.yara.YaraWrapperException;

-
+/**
+ * Tests the YaraJNIWrapper code.
+ */
 public class YaraWrapperTest {

-    private static String compiledRulePath = "C:\\Temp\\yara\\hello.compiled";
-    private static String textFilePath = "C:\\Temp\\yara\\hello.txt";
-
    public static void main(String[] args) {
-        Path path = Paths.get(textFilePath);
+        if (args.length < 2) {
+            System.out.println("Please supply two arguments, a yara compiled rule path and a path to the file to scan.");
+            return;
+        }
+
+        TestFileRuleMatch(args[0], args[1]);
+    }
+
+    /**
+     * Call the YaraJNIWrapper FindRuleMatch with the given path and output the
+     * results to the cl.
+     *
+     * @param compiledRulePath Path to yara compiled rule file
+     * @param filePath         Path to file
+     */
+    private static void TestFileRuleMatch(String compiledRulePath, String filePath) {
+        Path path = Paths.get(filePath);
+
        try {
            byte[] data = Files.readAllBytes(path);

            List<String> list = YaraJNIWrapper.FindRuleMatch(compiledRulePath, data);

-            for (String s : list) {
-                System.out.println(s);
+            if (list != null) {
+                if (list.isEmpty()) {
+                    System.out.println("FindRuleMatch return an empty list");
+                } else {
+                    for (String s : list) {
+                        System.out.println("Matching Rules:");
+                        System.out.println(s);
+                    }
+                }
+            } else {
+                System.out.println("FindRuleMatch return a null list");
            }

-        } catch (IOException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
-        } catch (YaraWrapperException ex) {
-            System.out.println("it worked");
+        } catch (IOException | YaraWrapperException ex) {
+            ex.printStackTrace();
        }
    }