Added readme and made changes per review comments

thirdparty/yara/ReadMe.txt

@@ -0,0 +1,39 @@
+This folder contains the projects you need for building and testing the yarabridge.dll and YaraJNIWrapper.jar.
+
+bin:
+Contains the built dll and jar.
+
+yarabridge:
+VS project to create the dll that wraps the the libyara library.
+
+YaraJNIWrapper:
+Simple jar file that contains the native JNI methods for accessing the yarabridge.dll. 
+
+
+Steps for building yarabridge, YaraJNIWrapper and YaraWrapperTest.
+
+1. Clone the yara repo at the same level as you have the autopsy repo. https://github.com/VirusTotal/yara
+2. Build libyara:
+	- Open the project yara/windows/2015/yara.sln
+	- Build Release x64.
+3. Open the yarabridge project and build Release x64.
+	-If you have link issues, make sure you build release x64 in the previous step.
+	-This project will automatically copy the built dll to the bin folder.
+4. Build YaraJNIWrapper
+	- Open in netbeans and select Build.
+	- Manually move the newly build jar file to the bin folder. After building the jar file can be found in
+	  yara/YaraJNIWrapper/dist/
+	- Any matching rules will appear on the CL or the output of the project.
+5. Test
+	- Open the YaraWrapperTest
+	- In the Run Properties you need to specify the path to a compiled yara rule file and a file to search. 
+	  There are sample files in YaraWrapperTest\resources.
+	- If you would like to make your own compiled rule file you can use the yarac tool that can be found
+	  in yara/windows/vs2015/Release, if its not there go back to the yara project and build all of the 
+	  projects.
+
+Troubleshooting:
+- When building libyara make sure that you are building the vs2015 project (There is a vs2017 project too). 
+  The paths in the yarabrige package are relative, but assume
+  that you are building the release version of the dll with the vs2015 project.
+- Don't forget to move the YaraJNIWrapper.jar after you build it. 

thirdparty/yara/YaraJNIWrapper/src/org/sleuthkit/autopsy/yara/YaraJNIWrapper.java

@@ -57,7 +57,7 @@ public class YaraJNIWrapper {
      *
      * @throws YaraWrapperException
      */
-    static public native List<String> FindRuleMatch(String compiledRulesPath, byte[] byteBuffer) throws YaraWrapperException;
+    static public native List<String> findRuleMatch(String compiledRulesPath, byte[] byteBuffer) throws YaraWrapperException;
 
     /**
      * private constructor.

thirdparty/yara/YaraWrapperTest/src/org/sleuthkit/autopsy/yara/YaraWrapperTest.java

@@ -23,6 +23,8 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.List;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 import org.sleuthkit.autopsy.yara.YaraJNIWrapper;
 import org.sleuthkit.autopsy.yara.YaraWrapperException;
@@ -32,13 +34,15 @@ import org.sleuthkit.autopsy.yara.YaraWrapperException;
  */
 public class YaraWrapperTest {
 
+    private static final Logger logger = Logger.getLogger(YaraWrapperTest.class.getName());
+
     public static void main(String[] args) {
         if (args.length < 2) {
             System.out.println("Please supply two arguments, a yara compiled rule path and a path to the file to scan.");
             return;
         }
 
-        TestFileRuleMatch(args[0], args[1]);
+        testFileRuleMatch(args[0], args[1]);
     }
 
     /**
@@ -48,29 +52,29 @@ public class YaraWrapperTest {
      * @param compiledRulePath Path to yara compiled rule file
      * @param filePath         Path to file
      */
-    private static void TestFileRuleMatch(String compiledRulePath, String filePath) {
+    private static void testFileRuleMatch(String compiledRulePath, String filePath) {
         Path path = Paths.get(filePath);
 
         try {
             byte[] data = Files.readAllBytes(path);
 
-            List<String> list = YaraJNIWrapper.FindRuleMatch(compiledRulePath, data);
+            List<String> list = YaraJNIWrapper.findRuleMatch(compiledRulePath, data);
 
             if (list != null) {
                 if (list.isEmpty()) {
                     System.out.println("FindRuleMatch return an empty list");
                 } else {
+                    System.out.println("Matching Rules:");
                     for (String s : list) {
-                        System.out.println("Matching Rules:");
                         System.out.println(s);
                     }
                 }
             } else {
-                System.out.println("FindRuleMatch return a null list");
+                logger.log(Level.SEVERE, "FindRuleMatch return a null list");
             }
 
         } catch (IOException | YaraWrapperException ex) {
-            ex.printStackTrace();
+            logger.log(Level.SEVERE, "Error thrown from yarabridge", ex);
         }
     }
 

thirdparty/yara/yarabridge/yarabridge/YaraJNIWrapper.cpp

@@ -84,7 +84,7 @@ jobject createArrayList(JNIEnv *env, std::vector<std::string> vector) {
 * Method:    FindRuleMatch
 * Signature: (Ljava/lang/String;[B)Ljava/util/List;
 */
-JNIEXPORT jobject JNICALL Java_org_sleuthkit_autopsy_yara_YaraJNIWrapper_FindRuleMatch
+JNIEXPORT jobject JNICALL Java_org_sleuthkit_autopsy_yara_YaraJNIWrapper_findRuleMatch
 (JNIEnv * env, jclass cls, jstring compiledRulePath, jbyteArray fileByteArray) {
 	
 	char errorMessage[256];

thirdparty/yara/yarabridge/yarabridge/YaraJNIWrapper.h

@@ -12,7 +12,7 @@ extern "C" {
 	* Method:    FindRuleMatch
 	* Signature: (Ljava/lang/String;[B)Ljava/util/List;
 	*/
-	JNIEXPORT jobject JNICALL Java_org_sleuthkit_autopsy_yara_YaraJNIWrapper_FindRuleMatch
+	JNIEXPORT jobject JNICALL Java_org_sleuthkit_autopsy_yara_YaraJNIWrapper_findRuleMatch
 	(JNIEnv *, jclass, jstring, jbyteArray);
 
 #ifdef __cplusplus